What the vulnerability does
01Description
Off-by-one Error in GitHub repository gpac/gpac prior to v2.3.0-DEV.
CVSS base score
7.1/10
CVSS vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Key dates
02Disclosure timeline
February 13, 2023
CVE published
March 21, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2023-46247 Vyper has incorrect storage layout for contracts containing large arrays
CVE-2022-3103
CVE-2026-40254 FreeRDP: contains_dotdot() off-by-one allows drive channel path traversal via terminal ..
CVE-2026-45232 Rsync < 3.4.3 Off-by-One Stack Write via HTTP Proxy
CVE-2026-5123 osrg GoBGP bgp.go DecodeFromBytes off-by-one
