{"id":"CVE-2023-1654","summary":"Denial of Service in gpac/gpac","details":"Denial of Service in GitHub repository gpac/gpac prior to 2.4.0.","modified":"2026-04-02T08:40:42.384172Z","published":"2023-03-27T00:00:00Z","database_specific":{"cna_assigner":"@huntrdev","cwe_ids":["CWE-400"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/1xxx/CVE-2023-1654.json"},"references":[{"type":"WEB","url":"https://huntr.dev/bounties/33652b56-128f-41a7-afcc-10641f69ff14"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/1xxx/CVE-2023-1654.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1654"},{"type":"ADVISORY","url":"https://www.debian.org/security/2023/dsa-5411"},{"type":"FIX","url":"https://github.com/gpac/gpac/commit/2c055153d401b8c49422971e3a0159869652d3da"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/gpac/gpac","events":[{"introduced":"0"},{"fixed":"5d70253ac94e5840be7b86054131dd753af63cc7"}]}],"versions":["v0.5.2","v0.6.0","v0.6.1","v0.7.0","v0.7.1","v0.8.0","v0.8.1","v0.9.0","v0.9.0-preview","v1.0.0","v1.0.1","v2.0.0","v2.2.0","v2.2.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-1654.json","vanir_signatures":[{"target":{"file":"src/filters/decrypt_cenc_isma.c"},"digest":{"threshold":0.9,"line_hashes":["249571260538932152670445539545228447305","152587707489286048113487046699269700399","179615268150946079356232227478217568912","60033637154988124640604107946683507742","282739834311121068751546966263810654625","337334203508275543620516398168354778384","210797623534005381670211559059867641832"]},"source":"https://github.com/gpac/gpac/commit/5d70253ac94e5840be7b86054131dd753af63cc7","id":"CVE-2023-1654-63a629ce","signature_type":"Line","deprecated":false,"signature_version":"v1"},{"target":{"file":"src/filters/decrypt_cenc_isma.c","function":"cenc_dec_load_keys"},"digest":{"length":3266,"function_hash":"339597387818010758170673273113920787195"},"source":"https://github.com/gpac/gpac/commit/5d70253ac94e5840be7b86054131dd753af63cc7","id":"CVE-2023-1654-b25b15ba","signature_type":"Function","deprecated":false,"signature_version":"v1"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L"}]}