CVE-2020-16158

GoPro gpmf-parser through 1.5 has a stack out-of-bounds write vulnerability in GPMF_ExpandComplexTYPE(). Parsing malicious input can result in a crash or potentially arbitrary code execution. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt