CVE-2023-1654

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-1654

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-1654.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-1654

Downstream

DEBIAN-CVE-2023-1654

DSA-5411-1

UBUNTU-CVE-2023-1654

Published

2023-03-27T16:15:10Z

Modified

2025-10-15T15:23:35.943435Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Denial of Service in GitHub repository gpac/gpac prior to 2.4.0.

References

Affected packages

Git / github.com/gpac/gpac

Affected ranges

Type: GIT
Repo: https://github.com/gpac/gpac
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

2c055153d401b8c49422971e3a0159869652d3da

Affected versions

v0.*

v0.5.2

v0.6.0

v0.6.1

v0.7.0

v0.7.1

v0.8.0

v0.9.0

v0.9.0-preview

v1.*

v1.0.0

v1.0.1

v2.*

v2.0.0

v2.2.0

Database specific

vanir_signatures

[
    {
        "signature_type": "Function",
        "deprecated": false,
        "source": "https://github.com/gpac/gpac/commit/2c055153d401b8c49422971e3a0159869652d3da",
        "signature_version": "v1",
        "target": {
            "function": "gf_filter_pid_configure",
            "file": "src/filter_core/filter_pid.c"
        },
        "digest": {
            "function_hash": "129018159478842862792759879330370428347",
            "length": 12630.0
        },
        "id": "CVE-2023-1654-7b969810"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "source": "https://github.com/gpac/gpac/commit/2c055153d401b8c49422971e3a0159869652d3da",
        "signature_version": "v1",
        "target": {
            "file": "src/filter_core/filter_pid.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "148845265815826657992307348567108131484",
                "105674540260953359976571952338539097557",
                "287157642366606283258658619643638368936",
                "291457703389335561351395797914109091273",
                "306988017190928560117096816739577811561",
                "337446329811419252287973834670039328360",
                "265905239360786746254839686560537386363",
                "228751307320316353146079505896832582433",
                "47755708642803734463507950695521231377",
                "120646828835668242968276399469819291541",
                "275700621427489922689972512220163961313",
                "153486834944867098187272602342929741522",
                "145921112622891295075722394291885036444",
                "178647408630750366257021477940563624998",
                "307852836844398726326604254297727524498",
                "249817746887818041667021205635248796137",
                "241389537552424193788293470609668426314",
                "89234141374157221114398274057305742548",
                "93046893750119162204199717315466294200"
            ]
        },
        "id": "CVE-2023-1654-8d85a911"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "source": "https://github.com/gpac/gpac/commit/2c055153d401b8c49422971e3a0159869652d3da",
        "signature_version": "v1",
        "target": {
            "function": "gf_filter_pid_inst_del",
            "file": "src/filter_core/filter_pid.c"
        },
        "digest": {
            "function_hash": "172343597823141860123339810263599078469",
            "length": 551.0
        },
        "id": "CVE-2023-1654-e22fe16b"
    }
]