Gpac

gpac

374 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (374)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-3178 1Gpac 1Gpac Nov 21, 2024 Sep 12, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Buffer Over-read in GitHub repository gpac/gpac prior to 2.1.0-DEV.
CVE-2022-38530 1Gpac 1Gpac Nov 21, 2024 Sep 6, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 GPAC v2.1-DEV-rev232-gfcaa01ebb-master was discovered to contain a stack overflow when processing ISOM_IOD.
CVE-2022-36191 1Gpac 1Gpac Nov 21, 2024 Aug 17, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A heap-buffer-overflow had occurred in function gf_isom_dovi_config_get of isomedia/avc_ext.c:2490, as demonstrated by MP4Box. This vulnerability was fixed in commit fef6242.
CVE-2022-36190 1Gpac 1Gpac Nov 21, 2024 Aug 17, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerability in function gf_isom_dovi_config_get. This vulnerability was fixed in commit fef6242.
CVE-2022-36186 1Gpac 1Gpac Nov 21, 2024 Aug 17, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 A Null Pointer dereference vulnerability exists in GPAC 2.1-DEV-revUNKNOWN-master via the function gf_filter_pid_set_property_full () at filter_core/filter_pid.c:5250,which causes a Denial of Service (DoS). This vulnerab...Show more A Null Pointer dereference vulnerability exists in GPAC 2.1-DEV-revUNKNOWN-master via the function gf_filter_pid_set_property_full () at filter_core/filter_pid.c:5250,which causes a Denial of Service (DoS). This vulnerability was fixed in commit b43f9d1.Show less
CVE-2022-2549 1Gpac 1Gpac Nov 21, 2024 Jul 27, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 NULL Pointer Dereference in GitHub repository gpac/gpac prior to v2.1.0-DEV.
CVE-2022-2454 1Gpac 1Gpac Nov 21, 2024 Jul 19, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.1-DEV.
CVE-2022-2453 1Gpac 1Gpac Nov 21, 2024 Jul 19, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Use After Free in GitHub repository gpac/gpac prior to 2.1-DEV.
CVE-2021-40944 1Gpac 1Gpac Nov 21, 2024 Jun 28, 2022 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In GPAC MP4Box 1.1.0, there is a Null pointer reference in the function gf_filter_pid_get_packet function in src/filter_core/filter_pid.c:5394, as demonstrated by GPAC. This can cause a denial of service (DOS).
CVE-2021-40609 1Gpac 1Gpac Nov 21, 2024 Jun 28, 2022 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The GetHintFormat function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.
CVE-2021-40608 1Gpac 1Gpac Nov 21, 2024 Jun 28, 2022 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The gf_hinter_track_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.
CVE-2021-40607 1Gpac 1Gpac Nov 21, 2024 Jun 28, 2022 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The schm_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.
CVE-2021-40606 1Gpac 1Gpac Nov 21, 2024 Jun 28, 2022 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The gf_bs_write_data function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.
CVE-2021-40942 1Gpac 1Gpac Nov 21, 2024 Jun 27, 2022 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In GPAC MP4Box v1.1.0, there is a heap-buffer-overflow in the function filter_parse_dyn_args function in filter_core/filter.c:1454, as demonstrated by GPAC. This can cause a denial of service (DOS).
CVE-2021-41458 1Gpac 1Mp4box Nov 21, 2024 Jun 16, 2022 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In GPAC MP4Box v1.1.0, there is a stack buffer overflow at src/utils/error.c:1769 which leads to a denial of service vulnerability.
CVE-2021-40592 1Gpac 1Gpac Nov 21, 2024 Jun 8, 2022 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 GPAC version before commit 71460d72ec07df766dab0a4d52687529f3efcf0a (version v1.0.1 onwards) contains loop with unreachable exit condition ('infinite loop') vulnerability in ISOBMFF reader filter, isoffin_read.c. Functio...Show more GPAC version before commit 71460d72ec07df766dab0a4d52687529f3efcf0a (version v1.0.1 onwards) contains loop with unreachable exit condition ('infinite loop') vulnerability in ISOBMFF reader filter, isoffin_read.c. Function isoffin_process() can result in DoS by infinite loop. To exploit, the victim must open a specially crafted mp4 file.Show less
CVE-2022-1795 1Gpac 1Gpac Nov 21, 2024 May 18, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Use After Free in GitHub repository gpac/gpac prior to v2.1.0-DEV.
CVE-2022-30976 1Gpac 1Gpac Nov 21, 2024 May 18, 2022 N/A· v4 7.1 HIGH· v3 4.0 MEDIUM· v2 GPAC 2.0.0 misuses a certain Unicode utf8_wcslen (renamed gf_utf8_wcslen) function in utils/utf.c, resulting in a heap-based buffer over-read, as demonstrated by MP4Box.
CVE-2022-29340 1Gpac 1Gpac Nov 21, 2024 May 5, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 GPAC 2.1-DEV-rev87-g053aae8-master. has a Null Pointer Dereference vulnerability in gf_isom_parse_movie_boxes_internal due to improper return value handling of GF_SKIP_BOX, which causes a Denial of Service. This vulnerab...Show more GPAC 2.1-DEV-rev87-g053aae8-master. has a Null Pointer Dereference vulnerability in gf_isom_parse_movie_boxes_internal due to improper return value handling of GF_SKIP_BOX, which causes a Denial of Service. This vulnerability was fixed in commit 37592ad.Show less
CVE-2022-29339 1Gpac 1Gpac Nov 21, 2024 May 5, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In GPAC 2.1-DEV-rev87-g053aae8-master, function BS_ReadByte() in utils/bitstream.c has a failed assertion, which causes a Denial of Service. This vulnerability was fixed in commit 9ea93a2.

Previous 1...789...19 Next