{"id":"CVE-2023-23143","details":"Buffer overflow vulnerability in function avc_parse_slice in file media_tools/av_parsers.c. GPAC version 2.3-DEV-rev1-g4669ba229-master.","modified":"2026-04-12T06:21:00.619309Z","published":"2023-01-20T19:15:18.277Z","references":[{"type":"ADVISORY","url":"https://www.debian.org/security/2023/dsa-5411"},{"type":"FIX","url":"https://github.com/gpac/gpac/commit/af6a5e7a96ee01a139cce6c9e4edfc069aad17a6"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/gpac/gpac","events":[{"introduced":"0"},{"fixed":"af6a5e7a96ee01a139cce6c9e4edfc069aad17a6"}]},{"type":"GIT","repo":"https://github.com/gpac/gpac","events":[{"introduced":"0"},{"fixed":"af6a5e7a96ee01a139cce6c9e4edfc069aad17a6"}]}],"versions":["v0.5.2","v0.6.0","v0.9.0","v0.9.0-preview","v1.0.0","v2.0.0","v2.2.0"],"database_specific":{"vanir_signatures_modified":"2026-04-12T06:21:00Z","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"2.3-dev-rev1-g4669ba229-master"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-23143.json","vanir_signatures":[{"source":"https://github.com/gpac/gpac/commit/af6a5e7a96ee01a139cce6c9e4edfc069aad17a6","target":{"function":"svc_parse_slice","file":"src/media_tools/av_parsers.c"},"digest":{"function_hash":"47574115876608755675381066338050606861","length":1805},"signature_type":"Function","id":"CVE-2023-23143-0a6e46f8","deprecated":false,"signature_version":"v1"},{"source":"https://github.com/gpac/gpac/commit/af6a5e7a96ee01a139cce6c9e4edfc069aad17a6","target":{"file":"src/media_tools/av_parsers.c"},"digest":{"line_hashes":["22280291532271713263809462282837675705","50553360270505175175143672453812854955","1331303742770772686114433751757033769","193359395964386556571471526016137291190","114108252463499357356885255896029985552","194835649175338466302835734388832833927","180265649647589917173574190580639651507","296145560791411951488396148268939485063","308237689176624576761728353449655094795","188020043757681284687932722640414212748","187893932749722113603389087593585648912"],"threshold":0.9},"signature_type":"Line","id":"CVE-2023-23143-1868a9e9","deprecated":false,"signature_version":"v1"},{"source":"https://github.com/gpac/gpac/commit/af6a5e7a96ee01a139cce6c9e4edfc069aad17a6","target":{"function":"avc_parse_slice","file":"src/media_tools/av_parsers.c"},"digest":{"function_hash":"12040255593378984608184905374420314754","length":4300},"signature_type":"Function","id":"CVE-2023-23143-ce1c9149","deprecated":false,"signature_version":"v1"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}