CVE-2024-50665NULL Pointer Dereference in Gpac

CWE-476NULL Pointer Dereference4 documents4 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 75.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
GpacDebian Gpac
Timeline
PublishedJan 23
Latest updateJan 24

Description

gpac 2.4 contains a SEGV at src/isomedia/drm_sample.c:1562:96 in isom_cenc_get_sai_by_saiz_saio in MP4Box.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDgpac/gpac2.4
debiandebian/gpac

🔴Vulnerability Details

2
GHSA
GHSA-4pc8-mg94-p837: gpac 22025-01-24
OSV
CVE-2024-50665: gpac 22025-01-23

📋Vendor Advisories

1
Debian
CVE-2024-50665: gpac - gpac 2.4 contains a SEGV at src/isomedia/drm_sample.c:1562:96 in isom_cenc_get_s...2024
CVE-2024-50665 — NULL Pointer Dereference in Gpac | cvebase