Home > Vulnerability Database > CVE-2023-1449

Mend.io Vulnerability Database

CVE-2023-1449

Date: March 17, 2023

A vulnerability has been found in GPAC 2.3-DEV-rev35-gbbca86917-master and classified as problematic. This vulnerability affects the function gf_av1_reset_state of the file media_tools/av_parsers.c. The manipulation leads to double free. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. VDB-223294 is the identifier assigned to this vulnerability.

Language: C

Severity Score

7.8

Related Resources (8)

Url: https://vuldb.com/?id.223294

Url: https://vuldb.com/?ctiid.223294

Url: https://github.com/xxy1126/Vuln/blob/main/gpac/2

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-1449

Url: https://www.debian.org/security/2023/dsa-5411

Url: https://github.com/gpac/gpac/issues/2387

Url: https://security-tracker.debian.org/tracker/CVE-2023-1449

Url: https://www.mend.io/vulnerability-database/CVE-2023-1449

Severity Score

7.8

Weakness Type (CWE)

Double Free

CWE-415

CVSS v3.1

Base Score:	7.8
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	4.3
Access Vector (AV):	LOCAL
Access Complexity (AC):	LOW
Authentication (AU):	SINGLE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2023-1449

Date: March 17, 2023

Language: C

Severity Score

Related Resources (8)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?