VYPR

MP4Box

by Gpac

Source repositories

CVEs (112)

  • CVE-2021-32136HigSep 13, 2021
    risk 0.00cvss 7.8epss 0.01

    Heap buffer overflow in the print_udta function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.

  • CVE-2021-32440MedAug 11, 2021
    risk 0.00cvss 5.5epss 0.01

    The Media_RewriteODFrame function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.

  • CVE-2021-32439HigAug 11, 2021
    risk 0.00cvss 7.8epss 0.01

    Buffer overflow in the stbl_AppendSize function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.

  • CVE-2021-32438MedAug 11, 2021
    risk 0.00cvss 5.5epss 0.01

    The gf_media_export_filters function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.

  • CVE-2021-32437MedAug 11, 2021
    risk 0.00cvss 5.5epss 0.01

    The gf_hinter_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.

  • CVE-2020-19488MedJul 21, 2021
    risk 0.00cvss 5.5epss 0.01

    An issue was discovered in box_code_apple.c:119 in Gpac MP4Box 0.8.0, allows attackers to cause a Denial of Service due to an invalid read on function ilst_item_Read.

  • CVE-2020-19481MedJul 21, 2021
    risk 0.00cvss 5.5epss 0.01

    An issue was discovered in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid memory read in gf_m2ts_process_pmt in media_tools/mpegts.c that can cause a denial of service via a crafted MP4 file.

  • CVE-2021-31259MedApr 19, 2021
    risk 0.00cvss 5.5epss 0.01

    The gf_isom_cenc_get_default_info_internal function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.

  • CVE-2021-31256MedApr 19, 2021
    risk 0.00cvss 5.5epss 0.01

    Memory leak in the stbl_GetSampleInfos function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.

  • CVE-2021-31255HigApr 19, 2021
    risk 0.00cvss 7.8epss 0.01

    Buffer overflow in the abst_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.

  • CVE-2021-31254HigApr 19, 2021
    risk 0.00cvss 7.8epss 0.01

    Buffer overflow in the tenc_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file, related invalid IV sizes.

  • CVE-2018-20762HigFeb 6, 2019
    risk 0.00cvss 7.8epss 0.01

    GPAC version 0.7.1 and earlier has a buffer overflow vulnerability in the cat_multiple_files function in applications/mp4box/fileimport.c when MP4Box is used for a local directory containing crafted filenames.

Page 6 of 6