CVE-2024-24265
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Feb 5, 2024
Updated: Feb 7, 2024
CWE ID 401
Summary
CVE-2024-24265 is a newly disclosed vulnerability affecting gpac version 2.2.1. This issue arises due to a memory leak in the gf_filter_pid_merge_properties_internal function, specifically related to the dst_props variable. The memory leak can potentially lead to denial of service or other malicious activities if exploited. Users of gpac 2.2.1 are advised to update to a patched version as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- GPAC