CVE-2023-48039 — Missing Release of Memory after Effective Lifetime in Gpac

Severity

5.5MEDIUMNVD

EPSS

0.0%

top 86.12%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedNov 20

Description

GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leak in gf_mpd_parse_string media_tools/mpd.c:75.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

▶NVDgpac/gpac2.3-dev-rev617-g671976fcc-master

OSV

CVE-2023-48039: GPAC 2↗2023-11-20

▶

GHSA

GHSA-c54w-7ph9-843g: GPAC 2↗2023-11-20

▶

Debian

CVE-2023-48039: gpac - GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leak in gf_mpd_par...↗2023

▶