CVE Catalog
CVE-2025-55641
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk0.17%
7th percentile — higher than 7% of all known CVEs
Summary
A NULL pointer dereference in the gf_isom_copy_sample_info function in GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) by supplying a crafted MP4 file.
Risk Assessment
This vulnerability may lead to service outages, negatively impacting users and organizational operations.
Recommendation
It is recommended to update GPAC MP4Box to the latest version to mitigate this vulnerability and to monitor logs for potential attack attempts.
Original NVD description (English source)
A NULL pointer dereference in the gf_isom_copy_sample_info function (isomedia/isom_write.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.

