CVE-2025-55659 | THREATINT

Description

A NULL pointer dereference in the ctts_box_write function (isomedia/box_code_base.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.

PUBLISHED Reserved 2025-08-13 | Published 2026-06-09 | Updated 2026-06-09 | Assigner mitre

References

infosec.exchange/@sigdevel/116710743410087676

cve.org (CVE-2025-55659)

nvd.nist.gov (CVE-2025-55659)

Download JSON