Improper Resource Shutdown or Release

CVE-2025-7797

Medium

5.5/10

Summary

A vulnerability was found in GPAC through 2.4 and abi-12 through abi-12.27. It has been rated as problematic. Affected by this issue is the function 'gf_dash_download_init_segment' of the file 'src/media_tools/dash_client.c'. The manipulation of the argument 'base_init_url' leads to NULL Pointer Dereference. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: LOW

CWE-404 - Improper Resource Shutdown or Release

The program does not release or incorrectly releases a resource before it is made available for re-use.

References

Advisory
Advisory

Advisory Timeline

Published Jul 18, 2025

Improper Resource Shutdown or Release

CVE-2025-7797

Summary

CWE-404 - Improper Resource Shutdown or Release

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS