Dr0V

**Name of the Vulnerable Software and Affected Versions** gpac versions 2.3-DEV-rev617-g671976fcc-master **Description** The issue is related to incorrect use of dynamic memory in the gf mpd resolve url function of the media tools/mpd.c file in the GPAC multimedia platform. This can lead to memory leaks. Exploitation of the issue may allow an attacker to cause a denial of service. The vulnerability is also present in the NewSFDouble Scenegraph/vrml tools.c file, which can be exploited remotely to cause a denial of service. **Recommendations** For gpac version 2.3-DEV-rev617-g671976fcc-master, consider disabling the `gf mpd resolve url` function until a patch is available to prevent memory leaks and potential denial of service attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.