VYPR

MP4Box

by Gpac

Source repositories

CVEs (112)

  • CVE-2023-46932CriDec 9, 2023
    risk 0.64cvss 9.8epss 0.01

    Heap Buffer Overflow vulnerability in GPAC version 2.3-DEV-rev617-g671976fcc-master, allows attackers to execute arbitrary code and cause a denial of service (DoS) via str2ulong class in src/media_tools/avilib.c in gpac/MP4Box.

  • CVE-2022-36190CriAug 17, 2022
    risk 0.64cvss 9.8epss 0.01

    GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerability in function gf_isom_dovi_config_get. This vulnerability was fixed in commit fef6242.

  • CVE-2022-47663HigJan 5, 2023
    risk 0.51cvss 7.8epss 0.00

    GPAC MP4box 2.1-DEV-rev649-ga8f438d20 is vulnerable to buffer overflow in h263dmx_process filters/reframe_h263.c:609

  • CVE-2022-47661HigJan 5, 2023
    risk 0.51cvss 7.8epss 0.00

    GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 is vulnerable to Buffer Overflow via media_tools/av_parsers.c:4988 in gf_media_nalu_add_emulation_bytes

  • CVE-2022-47660HigJan 5, 2023
    risk 0.51cvss 7.8epss 0.00

    GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is has an integer overflow in isomedia/isom_write.c

  • CVE-2022-47659HigJan 5, 2023
    risk 0.51cvss 7.8epss 0.00

    GPAC MP4box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to Buffer Overflow in gf_bs_read_data

  • CVE-2022-47658HigJan 5, 2023
    risk 0.51cvss 7.8epss 0.00

    GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to buffer overflow in function gf_hevc_read_vps_bs_internal of media_tools/av_parsers.c:8039

  • CVE-2022-47657HigJan 5, 2023
    risk 0.51cvss 7.8epss 0.00

    GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to buffer overflow in function hevc_parse_vps_extension of media_tools/av_parsers.c:7662

  • CVE-2022-47656HigJan 5, 2023
    risk 0.51cvss 7.8epss 0.00

    GPAC MP4box 2.1-DEV-rev617-g85ce76efd is vulnerable to Buffer Overflow in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8273

  • CVE-2022-47654HigJan 5, 2023
    risk 0.51cvss 7.8epss 0.00

    GPAC MP4box 2.1-DEV-rev593-g007bf61a0 is vulnerable to Buffer Overflow in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8261

  • CVE-2022-47653HigJan 5, 2023
    risk 0.51cvss 7.8epss 0.00

    GPAC MP4box 2.1-DEV-rev593-g007bf61a0 is vulnerable to Buffer Overflow in eac3_update_channels function of media_tools/av_parsers.c:9113

  • CVE-2022-47095HigJan 5, 2023
    risk 0.51cvss 7.8epss 0.00

    GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer overflow in hevc_parse_vps_extension function of media_tools/av_parsers.c

  • CVE-2022-47094HigJan 5, 2023
    risk 0.51cvss 7.8epss 0.00

    GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Null pointer dereference via filters/dmx_m2ts.c:343 in m2tsdmx_declare_pid

  • CVE-2022-47093HigJan 5, 2023
    risk 0.51cvss 7.8epss 0.00

    GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to heap use-after-free via filters/dmx_m2ts.c:470 in m2tsdmx_declare_pid

  • CVE-2022-47091HigJan 5, 2023
    risk 0.51cvss 7.8epss 0.00

    GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow in gf_text_process_sub function of filters/load_text.c

  • CVE-2022-47089HigJan 5, 2023
    risk 0.51cvss 7.8epss 0.00

    GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow via gf_vvc_read_sps_bs_internal function of media_tools/av_parsers.c

  • CVE-2022-47088HigJan 5, 2023
    risk 0.51cvss 7.8epss 0.00

    GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow.

  • CVE-2022-47087HigJan 5, 2023
    risk 0.51cvss 7.8epss 0.00

    GPAC MP4box 2.1-DEV-rev574-g9d5bb184b has a Buffer overflow in gf_vvc_read_pps_bs_internal function of media_tools/av_parsers.c

  • CVE-2022-45283HigDec 6, 2022
    risk 0.51cvss 7.8epss 0.00

    GPAC MP4box v2.0.0 was discovered to contain a stack overflow in the smil_parse_time_list parameter at /scenegraph/svg_attributes.c.

  • CVE-2021-36417HigJan 12, 2022
    risk 0.51cvss 7.8epss 0.01

    A heap-based buffer overflow vulnerability exists in GPAC v1.0.1 in the gf_isom_dovi_config_get function in MP4Box, which causes a denial of service or execute arbitrary code via a crafted file.

Page 1 of 6