CVSS 3.1 Score 5.3 of 10 (medium)


Published Jun 17, 2024
Updated: Jun 20, 2024
CWE ID 416


CVE-2024-6064 is a vulnerability found in GPAC 2.5-DEV-rev228-g11067ea92-master, specifically affecting the function xmt_node_end of the file src/scene_manager/loader_xmt.c in the component MP4Box. This vulnerability allows for use after free manipulation, but local access is required for the attack. The exploit has been publicly disclosed and a patch with the identifier f4b3e4d2f91bc1749e7a924a8ab171af03a355a8/c1b9c794bad8f262c56f3cf690567980d96662f5 is recommended to fix this issue. The vulnerability has a risk score of 25 and a base severity rating of MEDIUM, with low impact on integrity and confidentiality.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.


Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2024-6064 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
  • Gain complete coverage of your cyber, third party, and physical attack surface
  • Proactively mitigate threats before they turn into costly attacks
  • Make fast, effective, data-driven decisions