MP4Box
by Gpac
Source repositories
CVEs (112)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-46932 | Cri | 0.64 | 9.8 | 0.01 | Dec 9, 2023 | Heap Buffer Overflow vulnerability in GPAC version 2.3-DEV-rev617-g671976fcc-master, allows attackers to execute arbitrary code and cause a denial of service (DoS) via str2ulong class in src/media_tools/avilib.c in gpac/MP4Box. | ||
| CVE-2022-36190 | Cri | 0.64 | 9.8 | 0.01 | Aug 17, 2022 | GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerability in function gf_isom_dovi_config_get. This vulnerability was fixed in commit fef6242. | ||
| CVE-2022-47663 | Hig | 0.51 | 7.8 | 0.00 | Jan 5, 2023 | GPAC MP4box 2.1-DEV-rev649-ga8f438d20 is vulnerable to buffer overflow in h263dmx_process filters/reframe_h263.c:609 | ||
| CVE-2022-47661 | Hig | 0.51 | 7.8 | 0.00 | Jan 5, 2023 | GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 is vulnerable to Buffer Overflow via media_tools/av_parsers.c:4988 in gf_media_nalu_add_emulation_bytes | ||
| CVE-2022-47660 | Hig | 0.51 | 7.8 | 0.00 | Jan 5, 2023 | GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is has an integer overflow in isomedia/isom_write.c | ||
| CVE-2022-47659 | Hig | 0.51 | 7.8 | 0.00 | Jan 5, 2023 | GPAC MP4box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to Buffer Overflow in gf_bs_read_data | ||
| CVE-2022-47658 | Hig | 0.51 | 7.8 | 0.00 | Jan 5, 2023 | GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to buffer overflow in function gf_hevc_read_vps_bs_internal of media_tools/av_parsers.c:8039 | ||
| CVE-2022-47657 | Hig | 0.51 | 7.8 | 0.00 | Jan 5, 2023 | GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to buffer overflow in function hevc_parse_vps_extension of media_tools/av_parsers.c:7662 | ||
| CVE-2022-47656 | Hig | 0.51 | 7.8 | 0.00 | Jan 5, 2023 | GPAC MP4box 2.1-DEV-rev617-g85ce76efd is vulnerable to Buffer Overflow in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8273 | ||
| CVE-2022-47654 | Hig | 0.51 | 7.8 | 0.00 | Jan 5, 2023 | GPAC MP4box 2.1-DEV-rev593-g007bf61a0 is vulnerable to Buffer Overflow in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8261 | ||
| CVE-2022-47653 | Hig | 0.51 | 7.8 | 0.00 | Jan 5, 2023 | GPAC MP4box 2.1-DEV-rev593-g007bf61a0 is vulnerable to Buffer Overflow in eac3_update_channels function of media_tools/av_parsers.c:9113 | ||
| CVE-2022-47095 | Hig | 0.51 | 7.8 | 0.00 | Jan 5, 2023 | GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer overflow in hevc_parse_vps_extension function of media_tools/av_parsers.c | ||
| CVE-2022-47094 | Hig | 0.51 | 7.8 | 0.00 | Jan 5, 2023 | GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Null pointer dereference via filters/dmx_m2ts.c:343 in m2tsdmx_declare_pid | ||
| CVE-2022-47093 | Hig | 0.51 | 7.8 | 0.00 | Jan 5, 2023 | GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to heap use-after-free via filters/dmx_m2ts.c:470 in m2tsdmx_declare_pid | ||
| CVE-2022-47091 | Hig | 0.51 | 7.8 | 0.00 | Jan 5, 2023 | GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow in gf_text_process_sub function of filters/load_text.c | ||
| CVE-2022-47089 | Hig | 0.51 | 7.8 | 0.00 | Jan 5, 2023 | GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow via gf_vvc_read_sps_bs_internal function of media_tools/av_parsers.c | ||
| CVE-2022-47088 | Hig | 0.51 | 7.8 | 0.00 | Jan 5, 2023 | GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow. | ||
| CVE-2022-47087 | Hig | 0.51 | 7.8 | 0.00 | Jan 5, 2023 | GPAC MP4box 2.1-DEV-rev574-g9d5bb184b has a Buffer overflow in gf_vvc_read_pps_bs_internal function of media_tools/av_parsers.c | ||
| CVE-2022-45283 | Hig | 0.51 | 7.8 | 0.00 | Dec 6, 2022 | GPAC MP4box v2.0.0 was discovered to contain a stack overflow in the smil_parse_time_list parameter at /scenegraph/svg_attributes.c. | ||
| CVE-2021-36417 | Hig | 0.51 | 7.8 | 0.01 | Jan 12, 2022 | A heap-based buffer overflow vulnerability exists in GPAC v1.0.1 in the gf_isom_dovi_config_get function in MP4Box, which causes a denial of service or execute arbitrary code via a crafted file. |
- risk 0.64cvss 9.8epss 0.01
Heap Buffer Overflow vulnerability in GPAC version 2.3-DEV-rev617-g671976fcc-master, allows attackers to execute arbitrary code and cause a denial of service (DoS) via str2ulong class in src/media_tools/avilib.c in gpac/MP4Box.
- risk 0.64cvss 9.8epss 0.01
GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerability in function gf_isom_dovi_config_get. This vulnerability was fixed in commit fef6242.
- risk 0.51cvss 7.8epss 0.00
GPAC MP4box 2.1-DEV-rev649-ga8f438d20 is vulnerable to buffer overflow in h263dmx_process filters/reframe_h263.c:609
- risk 0.51cvss 7.8epss 0.00
GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 is vulnerable to Buffer Overflow via media_tools/av_parsers.c:4988 in gf_media_nalu_add_emulation_bytes
- risk 0.51cvss 7.8epss 0.00
GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is has an integer overflow in isomedia/isom_write.c
- risk 0.51cvss 7.8epss 0.00
GPAC MP4box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to Buffer Overflow in gf_bs_read_data
- risk 0.51cvss 7.8epss 0.00
GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to buffer overflow in function gf_hevc_read_vps_bs_internal of media_tools/av_parsers.c:8039
- risk 0.51cvss 7.8epss 0.00
GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to buffer overflow in function hevc_parse_vps_extension of media_tools/av_parsers.c:7662
- risk 0.51cvss 7.8epss 0.00
GPAC MP4box 2.1-DEV-rev617-g85ce76efd is vulnerable to Buffer Overflow in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8273
- risk 0.51cvss 7.8epss 0.00
GPAC MP4box 2.1-DEV-rev593-g007bf61a0 is vulnerable to Buffer Overflow in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8261
- risk 0.51cvss 7.8epss 0.00
GPAC MP4box 2.1-DEV-rev593-g007bf61a0 is vulnerable to Buffer Overflow in eac3_update_channels function of media_tools/av_parsers.c:9113
- risk 0.51cvss 7.8epss 0.00
GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer overflow in hevc_parse_vps_extension function of media_tools/av_parsers.c
- risk 0.51cvss 7.8epss 0.00
GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Null pointer dereference via filters/dmx_m2ts.c:343 in m2tsdmx_declare_pid
- risk 0.51cvss 7.8epss 0.00
GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to heap use-after-free via filters/dmx_m2ts.c:470 in m2tsdmx_declare_pid
- risk 0.51cvss 7.8epss 0.00
GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow in gf_text_process_sub function of filters/load_text.c
- risk 0.51cvss 7.8epss 0.00
GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow via gf_vvc_read_sps_bs_internal function of media_tools/av_parsers.c
- risk 0.51cvss 7.8epss 0.00
GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow.
- risk 0.51cvss 7.8epss 0.00
GPAC MP4box 2.1-DEV-rev574-g9d5bb184b has a Buffer overflow in gf_vvc_read_pps_bs_internal function of media_tools/av_parsers.c
- risk 0.51cvss 7.8epss 0.00
GPAC MP4box v2.0.0 was discovered to contain a stack overflow in the smil_parse_time_list parameter at /scenegraph/svg_attributes.c.
- risk 0.51cvss 7.8epss 0.01
A heap-based buffer overflow vulnerability exists in GPAC v1.0.1 in the gf_isom_dovi_config_get function in MP4Box, which causes a denial of service or execute arbitrary code via a crafted file.
Page 1 of 6