CVE-2023-48011
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-48011
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-48011.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-48011
- Downstream
- Published
- 2023-11-15T19:15:07Z
- Modified
- 2025-10-21T13:31:14.514100Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a heap-use-after-free via the flushrefsamples function at /gpac/src/isomedia/movie_fragments.c.
- References
Affected packages
Git / github.com/gpac/gpac
Affected ranges
- Type
- GIT
- Repo
- https://github.com/gpac/gpac
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
v0.*
v0.5.2
v0.6.0
v0.6.1
v0.7.0
v0.7.1
v0.8.0
v0.9.0
v0.9.0-preview
v1.*
v1.0.0
v1.0.1
v2.*
v2.0.0
v2.2.0
Database specific
vanir_signatures
[
{
"id": "CVE-2023-48011-5ca25faa",
"target": {
"function": "UpdateRuns",
"file": "src/isomedia/movie_fragments.c"
},
"source": "https://github.com/gpac/gpac/commit/c70f49dda4946d6db6aa55588f6a756b76bd84ea",
"signature_type": "Function",
"digest": {
"function_hash": "186520386737697678047019757854293139872",
"length": 3584.0
},
"deprecated": false,
"signature_version": "v1"
},
{
"id": "CVE-2023-48011-9897425d",
"target": {
"file": "src/isomedia/movie_fragments.c"
},
"source": "https://github.com/gpac/gpac/commit/c70f49dda4946d6db6aa55588f6a756b76bd84ea",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"105473784551395699847681896864128047098",
"169233142104287468204217020161218650853",
"295137613972129593023311624045430336211",
"122227364841943508185648159561028255083",
"280438232154486073836040673683815890630",
"268335467947509479801739844967799269108",
"43649601328013459749662718710286303992",
"164126358962049468848547674719792262244"
]
},
"deprecated": false,
"signature_version": "v1"
}
]