CVE-2025-7797

Medium CVSS: 5.5

A vulnerability was found in GPAC up to 2.4. It has been rated as problematic. Affected by this issue is the function gf_dash_download_init_segment of the file src/media_tools/dash_client.c. The manipulation of the argument base_init_url leads to null pointer dereference. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 153ea314b6b053db17164f8bc3c7e1e460938eaa. It is recommended to apply a patch to fix this issue.

Vendor

Gpac

Product

Gpac

CWE

CWE-404

Yayın Tarihi

2025-07-18 18:15:25

Güncelleme

2025-10-03 16:43:58

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-404 Gpac MEDIUM Gpac 2025

Referanslar

https://drive.google.com/file/d/1Z-C6RajpZ40ujo1iGNt3_mG855mPbs1Q/view?usp=share_link https://github.com/gpac/gpac/commit/153ea314b6b053db17164f8bc3c7e1e460938eaa https://vuldb.com/?ctiid.316862 https://vuldb.com/?id.316862 https://vuldb.com/?submit.616664

Benzer Kayıtlar

High

CVE-2026-27821

GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs dur…

Medium

CVE-2026-1417

A weakness has been identified in GPAC up to 2.4.0. Affected by this issue is the function dump_isom_rtp of the file app…

Medium

CVE-2026-1418

A security vulnerability has been detected in GPAC up to 2.4.0. This affects the function gf_text_import_srt_bifs of the…

Medium

CVE-2026-1416

A security flaw has been discovered in GPAC up to 2.4.0. Affected by this vulnerability is the function DumpMovieInfo of…

Medium

CVE-2026-1415

A vulnerability was identified in GPAC up to 2.4.0. Affected is the function gf_media_export_webvtt_metadata of the file…

Medium

CVE-2025-70302

A heap overflow in the ghi_dmx_declare_opid_bin() function of GPAC v2.4.0 allows attackers to cause a Denial of Service…