CVE-2025-7797 | GPAC up to 2.4 dash_client.c gf_dash_download_init_segment base_init_url null pointer dereference

Inserito da Angelo Barbosa | Lug 18, 2025 | CVE

A vulnerability was found in GPAC up to 2.4. It has been rated as problematic. Affected by this issue is the function gf_dash_download_init_segment of the file src/media_tools/dash_client.c. The manipulation of the argument base_init_url leads to null pointer dereference.

This vulnerability is handled as CVE-2025-7797. The attack may be launched remotely. Furthermore, there is an exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2025-7797 | GPAC up to 2.4 dash_client.c gf_dash_download_init_segment base_init_url null pointer dereference

Post correlati

CVE-2024-26905 | Linux Kernel up to 6.1.82/6.6.22/6.7.10 btrfs space_info.c need_preemptive_reclaim race condition

CVE-2021-47168 | Linux Kernel up to 5.12.8 NFS filelayout_decode_layout memory corruption

CVE-2024-0931 | Tenda AC10U 15.03.06.49_multi_TDE01 saveParentControlInfo deviceId/time/urls stack-based overflow

CVE-2024-29171 | Dell BSAFE SSL-J up to 7.2.1 certificate validation (dsa-2024-221)