{"id":"CVE-2023-23143","details":"Buffer overflow vulnerability in function avc_parse_slice in file media_tools/av_parsers.c. GPAC version 2.3-DEV-rev1-g4669ba229-master.","modified":"2026-04-12T07:25:05.305584Z","published":"2023-01-20T19:15:18.277Z","database_specific":{"unresolved_ranges":[{"extracted_events":[{"last_affected":"2.3-dev-rev1-g4669ba229-master"}],"source":"CPE_FIELD","cpe":"cpe:2.3:a:gpac:gpac:2.3-dev-rev1-g4669ba229-master:*:*:*:*:*:*:*"}]},"references":[{"type":"ADVISORY","url":"https://www.debian.org/security/2023/dsa-5411"},{"type":"FIX","url":"https://github.com/gpac/gpac/commit/af6a5e7a96ee01a139cce6c9e4edfc069aad17a6"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/gpac/gpac","events":[{"introduced":"0"},{"fixed":"af6a5e7a96ee01a139cce6c9e4edfc069aad17a6"}],"database_specific":{"source":"REFERENCES"}}],"versions":["v0.5.2","v0.6.0","v0.9.0","v0.9.0-preview","v1.0.0","v2.0.0","v2.2.0"],"database_specific":{"vanir_signatures_modified":"2026-04-12T07:25:05Z","vanir_signatures":[{"target":{"function":"svc_parse_slice","file":"src/media_tools/av_parsers.c"},"signature_version":"v1","signature_type":"Function","source":"https://github.com/gpac/gpac/commit/af6a5e7a96ee01a139cce6c9e4edfc069aad17a6","digest":{"function_hash":"47574115876608755675381066338050606861","length":1805},"id":"CVE-2023-23143-0a6e46f8","deprecated":false},{"target":{"file":"src/media_tools/av_parsers.c"},"signature_version":"v1","signature_type":"Line","source":"https://github.com/gpac/gpac/commit/af6a5e7a96ee01a139cce6c9e4edfc069aad17a6","digest":{"line_hashes":["22280291532271713263809462282837675705","50553360270505175175143672453812854955","1331303742770772686114433751757033769","193359395964386556571471526016137291190","114108252463499357356885255896029985552","194835649175338466302835734388832833927","180265649647589917173574190580639651507","296145560791411951488396148268939485063","308237689176624576761728353449655094795","188020043757681284687932722640414212748","187893932749722113603389087593585648912"],"threshold":0.9},"id":"CVE-2023-23143-1868a9e9","deprecated":false},{"target":{"function":"avc_parse_slice","file":"src/media_tools/av_parsers.c"},"signature_version":"v1","signature_type":"Function","source":"https://github.com/gpac/gpac/commit/af6a5e7a96ee01a139cce6c9e4edfc069aad17a6","digest":{"function_hash":"12040255593378984608184905374420314754","length":4300},"id":"CVE-2023-23143-ce1c9149","deprecated":false}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-23143.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}