An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23931
Reference (s):
- https://github.com/gpac/gpac/commit/093283e727f396130651280609e687cd4778e0d1
- https://github.com/gpac/gpac/issues/1564
- https://github.com/gpac/gpac/issues/1567