Note:
This project will be discontinued after December 13, 2021. [more]
2020-03-24
An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid pointer dereference in gf_odf_delete_descriptor in odf/desc_private.c that can cause a denial of service via a crafted MP4 file.
| Products | Gpac |
| Type | Release of Invalid Pointer or Reference (CWE-763) |
| First patch | - None (likely due to unavailable code) |
| Links | https://github.com/gpac/gpac/issues/1271 |