CVE-2023-4681

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-4681

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-4681.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-4681

Downstream

DEBIAN-CVE-2023-4681

UBUNTU-CVE-2023-4681

Published

2023-08-31T15:53:57.302Z

Modified

2026-04-12T06:44:46.604890Z

Severity

5.1 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L CVSS Calculator

Summary

NULL Pointer Dereference in gpac/gpac

Details

NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3-DEV.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/4xxx/CVE-2023-4681.json",
    "cwe_ids": [
        "CWE-476"
    ],
    "cna_assigner": "@huntrdev"
}

References

Affected packages

Git / github.com/gpac/gpac

Affected ranges

Type: GIT
Repo: https://github.com/gpac/gpac
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

4bac19ad854159b21ba70d8ab7c4e1cd1db8ea1c

Type: GIT
Repo: https://github.com/gpac/gpac
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

4bac19ad854159b21ba70d8ab7c4e1cd1db8ea1c

Affected versions

v0.*

v0.5.2

v0.6.0

v0.9.0

v0.9.0-preview

v1.*

v1.0.0

v2.*

v2.0.0

v2.2.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-4681.json"

vanir_signatures

[
    {
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "228956266563924741886740150879537441456",
                "157540797212257222240083828884761253156",
                "116172836651915470948300612486841254589",
                "88491430940312502646771770048619014558",
                "194593519514902413965566947488507846525",
                "273145753119662300140694403204693636962",
                "230505140121577373572271627318909471237",
                "232299734524447109478139946560074476214",
                "214104429934311726085184461235661344267",
                "271178065846468879031115438007263132210",
                "247537365570284107494589392108281692012",
                "64229793497433106111947707583689990757",
                "24377845455796407719613160504693210831",
                "210557609025033656986587075276061767250",
                "196727431287376977213027382049056452800",
                "299835963184893928933349357592395835141",
                "221870031796412493126553799470467452625",
                "316535529774463693203795228286518271278",
                "108335707822795324830199571513564043136",
                "45449172542539404444772187844251282"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "signature_version": "v1",
        "source": "https://github.com/gpac/gpac/commit/4bac19ad854159b21ba70d8ab7c4e1cd1db8ea1c",
        "id": "CVE-2023-4681-194c022b",
        "target": {
            "file": "src/media_tools/avilib.c"
        }
    },
    {
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "333504724465654407576826987962729524375",
                "63003032487709101724183089140208468991",
                "317542600815826085559399540722027009317",
                "80899570522104376489311998158595595238",
                "221050957040532270980123398562258982786",
                "16384574690274658641345153075672388708",
                "44756458142263959920915779039832215093",
                "306127255901830898402327154963475387826"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "signature_version": "v1",
        "source": "https://github.com/gpac/gpac/commit/4bac19ad854159b21ba70d8ab7c4e1cd1db8ea1c",
        "id": "CVE-2023-4681-61edeaed",
        "target": {
            "file": "src/media_tools/mpeg2_ps.c"
        }
    },
    {
        "deprecated": false,
        "digest": {
            "length": 1193.0,
            "function_hash": "7825223821165836161230033993159711725"
        },
        "signature_type": "Function",
        "signature_version": "v1",
        "source": "https://github.com/gpac/gpac/commit/4bac19ad854159b21ba70d8ab7c4e1cd1db8ea1c",
        "id": "CVE-2023-4681-622f7433",
        "target": {
            "function": "get_info_from_frame",
            "file": "src/media_tools/mpeg2_ps.c"
        }
    },
    {
        "deprecated": false,
        "digest": {
            "length": 25612.0,
            "function_hash": "207832194469358567883166047078125262788"
        },
        "signature_type": "Function",
        "signature_version": "v1",
        "source": "https://github.com/gpac/gpac/commit/4bac19ad854159b21ba70d8ab7c4e1cd1db8ea1c",
        "id": "CVE-2023-4681-83b6ab1a",
        "target": {
            "function": "avi_parse_input_file",
            "file": "src/media_tools/avilib.c"
        }
    },
    {
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "203266839199215303245917129155627550062",
                "325603647669302415240279831467064297018",
                "176372028692163430206160807564606150662",
                "38951229708949324394289918342158240055",
                "99913726557001578715241780492202307062",
                "80628206526510407134383912321569199643",
                "150836974687510789756420629426542650072",
                "145659660232263937290866761332998721826"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "signature_version": "v1",
        "source": "https://github.com/gpac/gpac/commit/4bac19ad854159b21ba70d8ab7c4e1cd1db8ea1c",
        "id": "CVE-2023-4681-e8805331",
        "target": {
            "file": "src/filters/dasher.c"
        }
    },
    {
        "deprecated": false,
        "digest": {
            "length": 29994.0,
            "function_hash": "162186237146227738599300456452558245522"
        },
        "signature_type": "Function",
        "signature_version": "v1",
        "source": "https://github.com/gpac/gpac/commit/4bac19ad854159b21ba70d8ab7c4e1cd1db8ea1c",
        "id": "CVE-2023-4681-ed163667",
        "target": {
            "function": "dasher_process",
            "file": "src/filters/dasher.c"
        }
    },
    {
        "deprecated": false,
        "digest": {
            "length": 1269.0,
            "function_hash": "103095650508534260330103376065416736906"
        },
        "signature_type": "Function",
        "signature_version": "v1",
        "source": "https://github.com/gpac/gpac/commit/4bac19ad854159b21ba70d8ab7c4e1cd1db8ea1c",
        "id": "CVE-2023-4681-f633dbcf",
        "target": {
            "function": "get_info_for_all_streams",
            "file": "src/media_tools/mpeg2_ps.c"
        }
    }
]

vanir_signatures_modified

"2026-04-12T06:44:46Z"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "2.3"
            }
        ]
    }
]