← Back

CVE-2021-40607

nvd nist
Published: Jun 28, 2022Modified: Nov 21, 2024

JSON object

Loading...
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

The schm_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.

Affected (1)

Products: Gpac: Gpac
Gpac
1 product
Gpac
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Gpac
Before 2.0.0

Related CWEs

CWE-770
Allocation of Resources Without Limits or Throttling
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

References (2)

Source: cve@mitre.org
ExploitIssue TrackingPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitIssue TrackingPatchThird Party Advisory

Timeline

No history available yet.