GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerability in function gf_isom_dovi_config_get. This vulnerability was fixed in commit fef6242.
https://github.com/gpac/gpac/issues/2220
https://www.debian.org/security/2023/dsa-5411
Source: Mitre, NVD
Published: 2022-08-17
Base Score: 9.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: Critical