CVE-2023-47384

MEDIUM

Gpac - Memory Leak

Title source: rule

Description

MP4Box GPAC v2.3-DEV-rev617-g671976fcc-master was discovered to contain a memory leak in the function gf_isom_add_chapter at /isomedia/isom_write.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.

References (1)

[Issue Tracking, Third Party Advisory] https://github.com/gpac/gpac/issues/2672

Scores

CVSS v3 5.5

EPSS 0.0006

EPSS Percentile 17.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Classification

CWE

CWE-401

Status published

Affected Products (1)

gpac/gpac

Timeline

Published Nov 14, 2023

Tracked Since Feb 18, 2026