CVE-2023-46871

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Dec 7, 2023

Updated: Dec 12, 2023

CWE ID 401

Summary

CVE-2023-46871 is a newly disclosed vulnerability affecting GPAC version 2.3-DEV-rev602-ged8424300-master in MP4Box. The issue lies in the scenegraph/vrml_tools.c file, specifically line 300, where a memory leak has been identified. This vulnerability poses a denial of service risk, as the memory leak may allow an attacker to cause the application to consume excessive resources and crash. Users are advised to update their GPAC installations to a patched version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

GPAC

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tMy8c2
https://www.cve.org/CVERecord?id=CVE-2023-46871
https://nvd.nist.gov/vuln/detail/CVE-2023-46871

Back to Vulnerability Database

CVE-2023-46871

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations