{"id":"CVE-2022-1795","summary":"Use After Free in gpac/gpac","details":"Use After Free in GitHub repository gpac/gpac prior to v2.1.0-DEV.","modified":"2026-04-12T09:22:13.175834Z","published":"2022-05-18T00:00:00Z","database_specific":{"cna_assigner":"@huntrdev","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/1xxx/CVE-2022-1795.json","cwe_ids":["CWE-416"]},"references":[{"type":"WEB","url":"https://huntr.dev/bounties/9c312763-41a6-4fc7-827b-269eb86efcbc"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/1xxx/CVE-2022-1795.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1795"},{"type":"ADVISORY","url":"https://www.debian.org/security/2023/dsa-5411"},{"type":"FIX","url":"https://github.com/gpac/gpac/commit/c535bad50d5812d27ee5b22b54371bddec411514"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/gpac/gpac","events":[{"introduced":"0"},{"fixed":"c535bad50d5812d27ee5b22b54371bddec411514"}]},{"type":"GIT","repo":"https://github.com/gpac/gpac","events":[{"introduced":"0"},{"fixed":"c535bad50d5812d27ee5b22b54371bddec411514"}]}],"versions":["v0.5.2","v0.6.0","v0.9.0","v0.9.0-preview","v1.0.0","v2.0.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-1795.json","vanir_signatures_modified":"2026-04-12T09:22:13Z","vanir_signatures":[{"source":"https://github.com/gpac/gpac/commit/c535bad50d5812d27ee5b22b54371bddec411514","id":"CVE-2022-1795-24f0ab0d","target":{"file":"src/bifs/memory_decoder.c"},"signature_version":"v1","digest":{"line_hashes":["45111523369947499338792098095981689568","175208553587930308027274227679553281195","317917644367972226032885915308964605037","73757334811746769291502476050897507192","65153953967623679815455929030373386346","97787508174230236118543088390107785587","321623744893809712278594361436847801505","72878224010627701254374254129860349323"],"threshold":0.9},"signature_type":"Line","deprecated":false},{"source":"https://github.com/gpac/gpac/commit/c535bad50d5812d27ee5b22b54371bddec411514","id":"CVE-2022-1795-3d2e0fe0","target":{"function":"BM_ParseGlobalQuantizer","file":"src/bifs/memory_decoder.c"},"signature_version":"v1","digest":{"function_hash":"290188010648974496591178990752906088598","length":904},"signature_type":"Function","deprecated":false}],"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"2.1.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:H"}]}