CVE-2022-46489

MEDIUM

GPAC <2.1 - Memory Corruption

Title source: llm

Description

GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the gf_isom_box_parse_ex function at box_funcs.c.

References (1)

Scores

CVSS v3 5.5
EPSS 0.0005
EPSS Percentile 14.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Classification

CWE
CWE-401
Status published

Affected Products (1)

gpac/gpac < 2.2.0

Timeline

Published Jan 05, 2023
Tracked Since Feb 18, 2026