Gpac
by Gpac
Source repositories
CVEs (414)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-44918 | 0.00 | — | 0.01 | Dec 21, 2021 | A Null Pointer Dereference vulnerability exists in gpac 1.1.0 in the gf_node_get_field function, which can cause a segmentation fault and application crash. | |||
| CVE-2021-45289 | 0.00 | — | 0.01 | Dec 21, 2021 | A vulnerability exists in GPAC 1.0.1 due to an omission of security-relevant Information, which could cause a Denial of Service. The program terminates with signal SIGKILL. | |||
| CVE-2021-45288 | 0.00 | — | 0.01 | Dec 21, 2021 | A Double Free vulnerability exists in filedump.c in GPAC 1.0.1, which could cause a Denail of Service via a crafted file in the MP4Box command. | |||
| CVE-2021-45297 | 0.00 | — | 0.01 | Dec 21, 2021 | An infinite loop vulnerability exists in Gpac 1.0.1 in gf_get_bit_size. | |||
| CVE-2021-45291 | 0.00 | — | 0.01 | Dec 21, 2021 | The gf_dump_setup function in GPAC 1.0.1 allows malicoius users to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command. | |||
| CVE-2021-45292 | 0.00 | — | 0.01 | Dec 21, 2021 | The gf_isom_hint_rtp_read function in GPAC 1.0.1 allows attackers to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command. | |||
| CVE-2020-22673 | 0.00 | — | 0.01 | Oct 12, 2021 | Memory leak in the senc_Parse function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input. | |||
| CVE-2020-22675 | 0.00 | — | 0.01 | Oct 12, 2021 | An issue was discovered in gpac 0.8.0. The GetGhostNum function in stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input. | |||
| CVE-2020-22674 | 0.00 | — | 0.01 | Oct 12, 2021 | An issue was discovered in gpac 0.8.0. An invalid memory dereference exists in the function FixTrackID located in isom_intern.c, which allows attackers to cause a denial of service (DoS) via a crafted input. | |||
| CVE-2020-22677 | 0.00 | — | 0.01 | Oct 12, 2021 | An issue was discovered in gpac 0.8.0. The dump_data_hex function in box_dump.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input. | |||
| CVE-2020-22679 | 0.00 | — | 0.01 | Oct 12, 2021 | Memory leak in the sgpd_parse_entry function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input. | |||
| CVE-2020-22678 | 0.00 | — | 0.01 | Oct 12, 2021 | An issue was discovered in gpac 0.8.0. The gf_media_nalu_remove_emulation_bytes function in av_parsers.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input. | |||
| CVE-2021-41456 | 0.00 | — | 0.01 | Oct 1, 2021 | There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1004 in the nhmldmx_send_sample() function szXmlTo parameter which leads to a denial of service vulnerability. | |||
| CVE-2021-41457 | 0.00 | — | 0.01 | Oct 1, 2021 | There is a stack buffer overflow in MP4Box 1.1.0 at src/filters/dmx_nhml.c in nhmldmx_init_parsing which leads to a denial of service vulnerability. | |||
| CVE-2021-41459 | 0.00 | — | 0.01 | Oct 1, 2021 | There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1008 in the nhmldmx_send_sample() function szXmlFrom parameter which leads to a denial of service vulnerability. | |||
| CVE-2020-23269 | 0.00 | — | 0.01 | Sep 21, 2021 | An issue was discovered in gpac 0.8.0. The stbl_GetSampleSize function in isomedia/stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file. | |||
| CVE-2020-23266 | 0.00 | — | 0.01 | Sep 21, 2021 | An issue was discovered in gpac 0.8.0. The OD_ReadUTF8String function in odf_code.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file. | |||
| CVE-2020-23267 | 0.00 | — | 0.01 | Sep 21, 2021 | An issue was discovered in gpac 0.8.0. The gf_hinter_track_process function in isom_hinter_track_process.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file | |||
| CVE-2021-32271 | 0.00 | — | 0.01 | Sep 20, 2021 | An issue was discovered in gpac through 20200801. A stack-buffer-overflow exists in the function DumpRawUIConfig located in odf_dump.c. It allows an attacker to cause code Execution. | |||
| CVE-2021-32268 | 0.00 | — | 0.01 | Sep 20, 2021 | Buffer overflow vulnerability in function gf_fprintf in os_file.c in gpac before 1.0.1 allows attackers to execute arbitrary code. The fixed version is 1.0.1. |
- CVE-2021-44918Dec 21, 2021risk 0.00cvss —epss 0.01
A Null Pointer Dereference vulnerability exists in gpac 1.1.0 in the gf_node_get_field function, which can cause a segmentation fault and application crash.
- CVE-2021-45289Dec 21, 2021risk 0.00cvss —epss 0.01
A vulnerability exists in GPAC 1.0.1 due to an omission of security-relevant Information, which could cause a Denial of Service. The program terminates with signal SIGKILL.
- CVE-2021-45288Dec 21, 2021risk 0.00cvss —epss 0.01
A Double Free vulnerability exists in filedump.c in GPAC 1.0.1, which could cause a Denail of Service via a crafted file in the MP4Box command.
- CVE-2021-45297Dec 21, 2021risk 0.00cvss —epss 0.01
An infinite loop vulnerability exists in Gpac 1.0.1 in gf_get_bit_size.
- CVE-2021-45291Dec 21, 2021risk 0.00cvss —epss 0.01
The gf_dump_setup function in GPAC 1.0.1 allows malicoius users to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command.
- CVE-2021-45292Dec 21, 2021risk 0.00cvss —epss 0.01
The gf_isom_hint_rtp_read function in GPAC 1.0.1 allows attackers to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command.
- CVE-2020-22673Oct 12, 2021risk 0.00cvss —epss 0.01
Memory leak in the senc_Parse function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input.
- CVE-2020-22675Oct 12, 2021risk 0.00cvss —epss 0.01
An issue was discovered in gpac 0.8.0. The GetGhostNum function in stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.
- CVE-2020-22674Oct 12, 2021risk 0.00cvss —epss 0.01
An issue was discovered in gpac 0.8.0. An invalid memory dereference exists in the function FixTrackID located in isom_intern.c, which allows attackers to cause a denial of service (DoS) via a crafted input.
- CVE-2020-22677Oct 12, 2021risk 0.00cvss —epss 0.01
An issue was discovered in gpac 0.8.0. The dump_data_hex function in box_dump.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.
- CVE-2020-22679Oct 12, 2021risk 0.00cvss —epss 0.01
Memory leak in the sgpd_parse_entry function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input.
- CVE-2020-22678Oct 12, 2021risk 0.00cvss —epss 0.01
An issue was discovered in gpac 0.8.0. The gf_media_nalu_remove_emulation_bytes function in av_parsers.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.
- CVE-2021-41456Oct 1, 2021risk 0.00cvss —epss 0.01
There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1004 in the nhmldmx_send_sample() function szXmlTo parameter which leads to a denial of service vulnerability.
- CVE-2021-41457Oct 1, 2021risk 0.00cvss —epss 0.01
There is a stack buffer overflow in MP4Box 1.1.0 at src/filters/dmx_nhml.c in nhmldmx_init_parsing which leads to a denial of service vulnerability.
- CVE-2021-41459Oct 1, 2021risk 0.00cvss —epss 0.01
There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1008 in the nhmldmx_send_sample() function szXmlFrom parameter which leads to a denial of service vulnerability.
- CVE-2020-23269Sep 21, 2021risk 0.00cvss —epss 0.01
An issue was discovered in gpac 0.8.0. The stbl_GetSampleSize function in isomedia/stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file.
- CVE-2020-23266Sep 21, 2021risk 0.00cvss —epss 0.01
An issue was discovered in gpac 0.8.0. The OD_ReadUTF8String function in odf_code.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file.
- CVE-2020-23267Sep 21, 2021risk 0.00cvss —epss 0.01
An issue was discovered in gpac 0.8.0. The gf_hinter_track_process function in isom_hinter_track_process.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file
- CVE-2021-32271Sep 20, 2021risk 0.00cvss —epss 0.01
An issue was discovered in gpac through 20200801. A stack-buffer-overflow exists in the function DumpRawUIConfig located in odf_dump.c. It allows an attacker to cause code Execution.
- CVE-2021-32268Sep 20, 2021risk 0.00cvss —epss 0.01
Buffer overflow vulnerability in function gf_fprintf in os_file.c in gpac before 1.0.1 allows attackers to execute arbitrary code. The fixed version is 1.0.1.
Page 15 of 21