CVE-2025-55659

MEDIUM(6.5)

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Risk Signal Score21/100 — NIEDRIG

CVSS 6.5 — Mittel

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

6.5

Technische Schwere

Beschreibung

A NULL pointer dereference in the ctts_box_write function (isomedia/box_code_base.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.

Referenzen

https://infosec.exchange/@sigdevel/116710743410087676