CVSS 3.1 Score 5.5 of 10 (medium)


Published Sep 4, 2023
Updated: Sep 6, 2023
CWE ID 121
CWE ID 787


CVE-2023-4756 is a stack-based buffer overflow vulnerability in the GitHub repository gpac/gpac prior to version 2.3-DEV. It affects multiple products including r9ng1Q, r9ng1R, lIYGJv, pM0SIT, as-tu1, inq4Vv, inq4Vu, pM0SIV, pM0SIU, dLJca3, r9ng1O, dLJca4, r9ng1P, p0dz-g, v2vaPU, v2vaPS, v2vaPT, v2vaPR, ncySnv, ncySnw, ncySnx, ncySny, ncySnz, ncySn0, ncySn1,t1jDwy , ncySn2 , s5UiSg , ZuqEjU , ZuqEjV , ZuqEjS , ZuqEjT , n13ykp and ZuqEjR. The vulnerability has a base severity of MEDIUM with a CVSS score of 5.5. Exploitation requires local access and user interaction but does not require any privileges. While it does not impact integrity or confidentiality of the affected systems/users directly; it poses a high availability impact and can potentially allow an attacker to execute arbitrary code on the affected system. The recommended remediation is to update gpac to version 2.3-DEV or later to mitigate this vulnerability and ensure the security of the organization's systems and data.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-4756 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options