VYPR

Gpac

by Gpac

Source repositories

CVEs (414)

  • CVE-2021-21851Aug 18, 2021
    risk 0.00cvss epss 0.02

    Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input at “csgp” decoder sample group description indices can cause an integer overflow due…

  • CVE-2021-21852Aug 18, 2021
    risk 0.00cvss epss 0.02

    Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input at “stss” decoder can cause an integer overflow due to unchecked arithmetic resulting…

  • CVE-2021-21861Aug 16, 2021
    risk 0.00cvss epss 0.02

    An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. When processing the 'hdlr' FOURCC code, a specially crafted MPEG-4 input can cause an improper memory allocation resulting in a…

  • CVE-2021-21860Aug 16, 2021
    risk 0.00cvss epss 0.02

    An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an improper memory allocation resulting in a heap-based buffer overflow that causes…

  • CVE-2021-21859Aug 16, 2021
    risk 0.00cvss epss 0.02

    An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. The stri_box_read function is used when processing atoms using the 'stri' FOURCC code. An attacker can convince a user to open…

  • CVE-2021-32440Aug 11, 2021
    risk 0.00cvss epss 0.01

    The Media_RewriteODFrame function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.

  • CVE-2021-32439Aug 11, 2021
    risk 0.00cvss epss 0.01

    Buffer overflow in the stbl_AppendSize function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.

  • CVE-2021-32437Aug 11, 2021
    risk 0.00cvss epss 0.01

    The gf_hinter_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.

  • CVE-2021-36584Aug 5, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in GPAC 1.0.1. There is a heap-based buffer overflow in the function gp_rtp_builder_do_tx3g function in ietf/rtp_pck_3gpp.c, as demonstrated by MP4Box. This can cause a denial of service (DOS).

  • CVE-2020-24829Aug 4, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in GPAC from v0.5.2 to v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_section_complete in media_tools/mpegts.c that can cause a denial of service (DOS) via a crafted MP4 file.

  • CVE-2020-22352Aug 4, 2021
    risk 0.00cvss epss 0.01

    The gf_dash_segmenter_probe_input function in GPAC v0.8 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.

  • CVE-2020-19488Jul 21, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in box_code_apple.c:119 in Gpac MP4Box 0.8.0, allows attackers to cause a Denial of Service due to an invalid read on function ilst_item_Read.

  • CVE-2020-19481Jul 21, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid memory read in gf_m2ts_process_pmt in media_tools/mpegts.c that can cause a denial of service via a crafted MP4 file.

  • CVE-2020-23930Apr 21, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function nhmldump_send_header located in write_nhml.c. It allows an attacker to cause Denial of Service.

  • CVE-2020-23931Apr 21, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read.

  • CVE-2020-23932Apr 21, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in gpac before 1.0.1. A NULL pointer dereference exists in the function dump_isom_sdp located in filedump.c. It allows an attacker to cause Denial of Service.

  • CVE-2020-23928Apr 21, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read.

  • CVE-2020-35979Apr 21, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is heap-based buffer overflow in the function gp_rtp_builder_do_avc() in ietf/rtp_pck_mpeg4.c.

  • CVE-2020-35982Apr 21, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an invalid pointer dereference in the function gf_hinter_track_finalize() in media_tools/isom_hinter.c.

  • CVE-2020-35981Apr 21, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an invalid pointer dereference in the function SetupWriters() in isomedia/isom_store.c.

Page 18 of 21