Base Score

MEDIUM5.5

CVE-2023-2837

Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2.

VectorLOCAL

Published Bysecurity@huntr.dev

Published DateMay 22, 2023, 18:15

Weakness Type (CWE):CWE-121

CVSS Metrics

Base Score

5.5

Vector String

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

REQUIRED

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

NONE

Availability (A)

HIGH

References

https://github.com/gpac/gpac/commit/6f28c4cd607d83ce381f9b4a9f8101ca1e79c611
https://huntr.dev/bounties/a6bfd1b2-aba8-4c6f-90c4-e95b1831cb17
https://www.debian.org/security/2023/dsa-5411

Base Score

MEDIUM5.5

Weakness Type (CWE):CWE-121

CVSS Metrics

Base Score

5.5

Vector String

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

REQUIRED

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

NONE

Availability (A)

HIGH