CVE-2025-60495

Published: Jun 1, 2026

Modified: Jun 1, 2026

PUBLISHED

Description

A segmentation violation in the gf_media_get_color_info function (/media_tools/isom_tools.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted data file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/gpac/gpac/issues/3335

https://github.com/gpac/gpac/commit/9beed3c0a2f38505c745e5376234e7ed66e8e0b1

https://github.com/sigdevel/pocs/blob/main/res/gpac/MP4Box/66/README.md

https://infosec.exchange/@sigdevel/116659058320692913

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-60495

Description

Affected Products

References