CVE-2021-31261

Name

CVE-2021-31261

Description

The gf_hinter_track_new function in GPAC 1.0.1 allows attackers to read memory via a crafted file in the MP4Box command.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

Exploits

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Patch	https://github.com/gpac/gpac/commit/cd3738dea038dbd12e603ad48cd7373ae0440f65
Exploit	https://github.com/gpac/gpac/issues/1737

References