CVE-2023-3291: Heap-based Buffer Overflow in Gpac

Severity: 3.3 LOW (NVD)
EPSS: 0.1% (top 74.95%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Jun 16
Latest update: Oct 18

Description

Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Exploitability: 1.8 | Impact: 1.4

Affected Packages (6 packages)

NVD: gpac/gpac < 2.2.2
CVEListV5: gpac/gpac_gpac unspecified 2.2.2
debian: debian/gpac

Patches

🔴 Vulnerability Details (2)

OSV
CVE-2023-3291: Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2 (2023-06-16)
GHSA
GHSA-9pv7-q9jh-w7p4: Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2 (2023-06-16)

📋 Vendor Advisories (2)

Jenkins
Jenkins Security Advisory 2023-10-18 (2023-10-18)
Debian
CVE-2023-3291: gpac - Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2. (2023)

💬 Community (1)

Bugzilla
CVE-2023-28756 ruby: ReDoS vulnerability in Time (2023-04-03)