CVE-2024-6062

Name of the Vulnerable Software and Affected Versions: GPAC version 2.5-DEV-rev228-g11067ea92-master

Description: A problematic issue was found, affecting the swf svg add iso sample function of the src/filters/load text.c file in the MP4Box component. This issue leads to a null pointer dereference and requires local access to exploit. The exploit has been publicly disclosed.

Recommendations: For GPAC version 2.5-DEV-rev228-g11067ea92-master, apply the patch identified as 31e499d310a48bd17c8b055a0bfe0fe35887a7cd to fix this issue. As a temporary workaround, consider disabling the swf svg add iso sample function until the patch is applied.