Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Mon, 06 Jul 2026 12:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gf_isom_nalu_sample_rewrite of the file src/isomedia/avc_ext.c of the component MP4Box. This manipulation of the argument nalu_out_bs causes double free. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. Patch name: f29f955f2a3b5e8e507caad3e52319f961bf37bf. To fix this issue, it is recommended to deploy a patch. | |
| Title | GPAC MP4Box avc_ext.c gf_isom_nalu_sample_rewrite double free | |
| First Time appeared |
Gpac
Gpac gpac |
|
| Weaknesses | CWE-119 CWE-415 |
|
| CPEs | cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Gpac
Gpac gpac |
|
| References |
|
|
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-06T11:15:08.893Z
Reserved: 2026-07-04T05:16:18.510Z
Link: CVE-2025-15667
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-06T13:30:04Z