CVE-2023-48958

Name of the Vulnerable Software and Affected Versions gpac versions 2.3-DEV-rev617-g671976fcc-master

Description The issue is related to incorrect use of dynamic memory in the gf mpd resolve url function of the media tools/mpd.c file in the GPAC multimedia platform. This can lead to memory leaks. Exploitation of the issue may allow an attacker to cause a denial of service. The vulnerability is also present in the NewSFDouble Scenegraph/vrml tools.c file, which can be exploited remotely to cause a denial of service.

Recommendations For gpac version 2.3-DEV-rev617-g671976fcc-master, consider disabling the gf mpd resolve url function until a patch is available to prevent memory leaks and potential denial of service attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.