CVE-2023-4756

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-4756
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-4756.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-4756
Downstream
Published
2023-09-04T08:24:56.615Z
Modified
2025-12-05T00:10:27.050440Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L CVSS Calculator
Summary
Stack-based Buffer Overflow in gpac/gpac
Details

Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.

Database specific 
{
    "cna_assigner": "@huntrdev",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/4xxx/CVE-2023-4756.json",
    "cwe_ids": [
        "CWE-121"
    ]
}
References

Affected packages

Git / github.com/gpac/gpac

Affected ranges

Type
GIT
Repo
https://github.com/gpac/gpac
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
6914d016e2b540bac2c471c4aea156ddef8e8e01

Affected versions

v0.*

v0.5.2
v0.6.0
v0.6.1
v0.7.0
v0.7.1
v0.8.0
v0.9.0
v0.9.0-preview

v1.*

v1.0.0
v1.0.1

v2.*

v2.0.0
v2.2.0

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "source": "https://github.com/gpac/gpac/commit/6914d016e2b540bac2c471c4aea156ddef8e8e01",
        "id": "CVE-2023-4756-bae29837",
        "signature_type": "Function",
        "target": {
            "file": "src/scene_manager/loader_bt.c",
            "function": "gf_bt_check_line"
        },
        "signature_version": "v1",
        "digest": {
            "function_hash": "248969471670354423913633833643448318600",
            "length": 7238.0
        }
    },
    {
        "deprecated": false,
        "source": "https://github.com/gpac/gpac/commit/6914d016e2b540bac2c471c4aea156ddef8e8e01",
        "id": "CVE-2023-4756-e48e1b97",
        "signature_type": "Line",
        "target": {
            "file": "src/scene_manager/loader_bt.c"
        },
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "159980883770019638156314446817634402497",
                "177691367290579395854467380098755301776",
                "177547609927727253232917970462317179226",
                "106799466234984483722179104676976705206",
                "192858067282737056496419545910395749718",
                "209793702161040535968236786835585921436",
                "337238617098004924347294413228698578708",
                "242153535204094392994649042168891423440",
                "224157320800109348735711292323651055671",
                "50650812290744805346066813341934454298",
                "282066337774628935860786118948460123407",
                "261542863855760504059832236557960043282",
                "138114858756252476810517500589087291066",
                "81670259513898047699039334091588162365",
                "154058914503412685594814357024180272659",
                "49933698396067619365573851390073859167",
                "216552187568122321869877685895911600229",
                "187927402125930479632204714895315874837",
                "259803232686737589915358931485226653714",
                "34484451110572194430845707527561756871",
                "306310920425379990060806065370557013959",
                "253100823954240397805525734881280879802",
                "34620981024414339371734869872502791732",
                "152866302972597861012534317415554917024"
            ]
        }
    }
]