VYPR

Gpac

by Gpac

Source repositories

CVEs (414)

  • CVE-2022-43045Oct 19, 2022
    risk 0.00cvss epss 0.00

    GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_dump_vrml_sffield at /scene_manager/scene_dump.c.

  • CVE-2022-3222Sep 15, 2022
    risk 0.00cvss epss 0.01

    Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV.

  • CVE-2022-3178Sep 12, 2022
    risk 0.00cvss epss 0.00

    Buffer Over-read in GitHub repository gpac/gpac prior to 2.1.0-DEV.

  • CVE-2022-38530Sep 6, 2022
    risk 0.00cvss epss 0.00

    GPAC v2.1-DEV-rev232-gfcaa01ebb-master was discovered to contain a stack overflow when processing ISOM_IOD.

  • CVE-2022-36186Aug 17, 2022
    risk 0.00cvss epss 0.01

    A Null Pointer dereference vulnerability exists in GPAC 2.1-DEV-revUNKNOWN-master via the function gf_filter_pid_set_property_full () at filter_core/filter_pid.c:5250,which causes a Denial of Service (DoS). This vulnerability was fixed in commit b43f9d1.

  • CVE-2022-36190Aug 17, 2022
    risk 0.00cvss epss 0.01

    GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerability in function gf_isom_dovi_config_get. This vulnerability was fixed in commit fef6242.

  • CVE-2022-2549Jul 27, 2022
    risk 0.00cvss epss 0.00

    NULL Pointer Dereference in GitHub repository gpac/gpac prior to v2.1.0-DEV.

  • CVE-2022-2453Jul 19, 2022
    risk 0.00cvss epss 0.00

    Use After Free in GitHub repository gpac/gpac prior to 2.1-DEV.

  • CVE-2022-2454Jul 19, 2022
    risk 0.00cvss epss 0.00

    Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.1-DEV.

  • CVE-2021-40607Jun 28, 2022
    risk 0.00cvss epss 0.01

    The schm_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.

  • CVE-2021-40606Jun 28, 2022
    risk 0.00cvss epss 0.01

    The gf_bs_write_data function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.

  • CVE-2021-40944Jun 28, 2022
    risk 0.00cvss epss 0.01

    In GPAC MP4Box 1.1.0, there is a Null pointer reference in the function gf_filter_pid_get_packet function in src/filter_core/filter_pid.c:5394, as demonstrated by GPAC. This can cause a denial of service (DOS).

  • CVE-2021-40608Jun 28, 2022
    risk 0.00cvss epss 0.01

    The gf_hinter_track_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.

  • CVE-2021-40609Jun 28, 2022
    risk 0.00cvss epss 0.01

    The GetHintFormat function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.

  • CVE-2021-40942Jun 27, 2022
    risk 0.00cvss epss 0.01

    In GPAC MP4Box v1.1.0, there is a heap-buffer-overflow in the function filter_parse_dyn_args function in filter_core/filter.c:1454, as demonstrated by GPAC. This can cause a denial of service (DOS).

  • CVE-2021-41458Jun 16, 2022
    risk 0.00cvss epss 0.01

    In GPAC MP4Box v1.1.0, there is a stack buffer overflow at src/utils/error.c:1769 which leads to a denial of service vulnerability.

  • CVE-2021-40592Jun 8, 2022
    risk 0.00cvss epss 0.01

    GPAC version before commit 71460d72ec07df766dab0a4d52687529f3efcf0a (version v1.0.1 onwards) contains loop with unreachable exit condition ('infinite loop') vulnerability in ISOBMFF reader filter, isoffin_read.c. Function isoffin_process() can result in DoS by infinite loop. To…

  • CVE-2022-30976May 18, 2022
    risk 0.00cvss epss 0.01

    GPAC 2.0.0 misuses a certain Unicode utf8_wcslen (renamed gf_utf8_wcslen) function in utils/utf.c, resulting in a heap-based buffer over-read, as demonstrated by MP4Box.

  • CVE-2022-1795May 18, 2022
    risk 0.00cvss epss 0.01

    Use After Free in GitHub repository gpac/gpac prior to v2.1.0-DEV.

  • CVE-2022-29340May 5, 2022
    risk 0.00cvss epss 0.01

    GPAC 2.1-DEV-rev87-g053aae8-master. has a Null Pointer Dereference vulnerability in gf_isom_parse_movie_boxes_internal due to improper return value handling of GF_SKIP_BOX, which causes a Denial of Service. This vulnerability was fixed in commit 37592ad.

Page 10 of 21