CVE-2025-55658

Published: Jun 9, 2026Modified: Jun 12, 2026

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

GPAC MP4Box v2.4 was discovered to contain a floating point exception in the gf_opus_parse_packet_header function (media_tools/av_parsers.c). bThis vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.

Affected (1)

Products: Gpac: Gpac

Gpac

1 product

Gpac

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Gpac Gpac	Version 2.4

Related CWEs

CWE-1077

Floating Point Comparison with Incorrect Operator

The code performs a comparison such as an equality test between two float (floating point) values, but it uses comparison operators that do not account for the possibility of loss of precision.

References (1)

https://infosec.exchange/@sigdevel/116710224797830572

Source: cve@mitre.org

ExploitMitigationThird Party Advisory

Timeline

No history available yet.