CVE-2019-20168

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-20168

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-20168.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-20168

Downstream

UBUNTU-CVE-2019-20168

Published

2019-12-31T00:15:13.007Z

Modified

2025-11-20T11:01:30.741282Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a use-after-free in the function gfisomboxdumpex() in isomedia/box_funcs.c.

References

https://github.com/gpac/gpac/issues/1333

Affected packages

Git / github.com/gpac/gpac

Affected ranges

Type: GIT
Repo: https://github.com/gpac/gpac
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

6b4ab401297be43b57f9eddd675971a8a5feab44

Last affected

ed4ec31ea84a1a94abb17669db33f5c4e7a679cf

Affected versions

v0.*

v0.5.2

v0.6.0

v0.6.1

v0.7.0

v0.7.1

v0.8.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-20168.json"