CVE-2021-30022 log

Severity Low
Remote Yes
Type Denial of service
There is an integer overflow in media_tools/av_parsers.c in the gf_avc_read_pps_bs_internal in GPAC 1.0.1. pps_id may be a negative number, so it will not return. However, avc->pps only has 255 units, so there is an overflow, which results a crash.
Group Package Affected Fixed Severity Status Ticket
AVG-1823 gpac 1:1.0.1-1 Medium Vulnerable