CVE-2021-28300

Severity CVSS v4.0:
Pending analysis
Type:
CWE-476 NULL Pointer Dereference
Publication date:
14/04/2021
Last modified:
21/04/2021

Description

NULL Pointer Dereference in the "isomedia/track.c" module's "MergeTrack()" function of GPAC v0.5.2 allows attackers to execute arbitrary code or cause a Denial-of-Service (DoS) by uploading a malicious MP4 file.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:gpac:gpac:0.5.2:*:*:*:*:*:*:*


References to Advisories, Solutions, and Tools