Gpac
by Gpac
Source repositories
CVEs (414)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-21851 | 0.00 | — | 0.02 | Aug 18, 2021 | Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input at “csgp” decoder sample group description indices can cause an integer overflow due… | |||
| CVE-2021-21852 | 0.00 | — | 0.02 | Aug 18, 2021 | Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input at “stss” decoder can cause an integer overflow due to unchecked arithmetic resulting… | |||
| CVE-2021-21861 | 0.00 | — | 0.02 | Aug 16, 2021 | An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. When processing the 'hdlr' FOURCC code, a specially crafted MPEG-4 input can cause an improper memory allocation resulting in a… | |||
| CVE-2021-21860 | 0.00 | — | 0.02 | Aug 16, 2021 | An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an improper memory allocation resulting in a heap-based buffer overflow that causes… | |||
| CVE-2021-21859 | 0.00 | — | 0.02 | Aug 16, 2021 | An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. The stri_box_read function is used when processing atoms using the 'stri' FOURCC code. An attacker can convince a user to open… | |||
| CVE-2021-32440 | 0.00 | — | 0.01 | Aug 11, 2021 | The Media_RewriteODFrame function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||
| CVE-2021-32439 | 0.00 | — | 0.01 | Aug 11, 2021 | Buffer overflow in the stbl_AppendSize function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | |||
| CVE-2021-32437 | 0.00 | — | 0.01 | Aug 11, 2021 | The gf_hinter_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||
| CVE-2021-36584 | 0.00 | — | 0.01 | Aug 5, 2021 | An issue was discovered in GPAC 1.0.1. There is a heap-based buffer overflow in the function gp_rtp_builder_do_tx3g function in ietf/rtp_pck_3gpp.c, as demonstrated by MP4Box. This can cause a denial of service (DOS). | |||
| CVE-2020-24829 | 0.00 | — | 0.01 | Aug 4, 2021 | An issue was discovered in GPAC from v0.5.2 to v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_section_complete in media_tools/mpegts.c that can cause a denial of service (DOS) via a crafted MP4 file. | |||
| CVE-2020-22352 | 0.00 | — | 0.01 | Aug 4, 2021 | The gf_dash_segmenter_probe_input function in GPAC v0.8 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||
| CVE-2020-19488 | 0.00 | — | 0.01 | Jul 21, 2021 | An issue was discovered in box_code_apple.c:119 in Gpac MP4Box 0.8.0, allows attackers to cause a Denial of Service due to an invalid read on function ilst_item_Read. | |||
| CVE-2020-19481 | 0.00 | — | 0.01 | Jul 21, 2021 | An issue was discovered in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid memory read in gf_m2ts_process_pmt in media_tools/mpegts.c that can cause a denial of service via a crafted MP4 file. | |||
| CVE-2020-23930 | 0.00 | — | 0.01 | Apr 21, 2021 | An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function nhmldump_send_header located in write_nhml.c. It allows an attacker to cause Denial of Service. | |||
| CVE-2020-23931 | 0.00 | — | 0.01 | Apr 21, 2021 | An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read. | |||
| CVE-2020-23932 | 0.00 | — | 0.01 | Apr 21, 2021 | An issue was discovered in gpac before 1.0.1. A NULL pointer dereference exists in the function dump_isom_sdp located in filedump.c. It allows an attacker to cause Denial of Service. | |||
| CVE-2020-23928 | 0.00 | — | 0.01 | Apr 21, 2021 | An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read. | |||
| CVE-2020-35979 | 0.00 | — | 0.01 | Apr 21, 2021 | An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is heap-based buffer overflow in the function gp_rtp_builder_do_avc() in ietf/rtp_pck_mpeg4.c. | |||
| CVE-2020-35982 | 0.00 | — | 0.01 | Apr 21, 2021 | An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an invalid pointer dereference in the function gf_hinter_track_finalize() in media_tools/isom_hinter.c. | |||
| CVE-2020-35981 | 0.00 | — | 0.01 | Apr 21, 2021 | An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an invalid pointer dereference in the function SetupWriters() in isomedia/isom_store.c. |
- CVE-2021-21851Aug 18, 2021risk 0.00cvss —epss 0.02
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input at “csgp” decoder sample group description indices can cause an integer overflow due…
- CVE-2021-21852Aug 18, 2021risk 0.00cvss —epss 0.02
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input at “stss” decoder can cause an integer overflow due to unchecked arithmetic resulting…
- CVE-2021-21861Aug 16, 2021risk 0.00cvss —epss 0.02
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. When processing the 'hdlr' FOURCC code, a specially crafted MPEG-4 input can cause an improper memory allocation resulting in a…
- CVE-2021-21860Aug 16, 2021risk 0.00cvss —epss 0.02
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an improper memory allocation resulting in a heap-based buffer overflow that causes…
- CVE-2021-21859Aug 16, 2021risk 0.00cvss —epss 0.02
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. The stri_box_read function is used when processing atoms using the 'stri' FOURCC code. An attacker can convince a user to open…
- CVE-2021-32440Aug 11, 2021risk 0.00cvss —epss 0.01
The Media_RewriteODFrame function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
- CVE-2021-32439Aug 11, 2021risk 0.00cvss —epss 0.01
Buffer overflow in the stbl_AppendSize function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.
- CVE-2021-32437Aug 11, 2021risk 0.00cvss —epss 0.01
The gf_hinter_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
- CVE-2021-36584Aug 5, 2021risk 0.00cvss —epss 0.01
An issue was discovered in GPAC 1.0.1. There is a heap-based buffer overflow in the function gp_rtp_builder_do_tx3g function in ietf/rtp_pck_3gpp.c, as demonstrated by MP4Box. This can cause a denial of service (DOS).
- CVE-2020-24829Aug 4, 2021risk 0.00cvss —epss 0.01
An issue was discovered in GPAC from v0.5.2 to v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_section_complete in media_tools/mpegts.c that can cause a denial of service (DOS) via a crafted MP4 file.
- CVE-2020-22352Aug 4, 2021risk 0.00cvss —epss 0.01
The gf_dash_segmenter_probe_input function in GPAC v0.8 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
- CVE-2020-19488Jul 21, 2021risk 0.00cvss —epss 0.01
An issue was discovered in box_code_apple.c:119 in Gpac MP4Box 0.8.0, allows attackers to cause a Denial of Service due to an invalid read on function ilst_item_Read.
- CVE-2020-19481Jul 21, 2021risk 0.00cvss —epss 0.01
An issue was discovered in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid memory read in gf_m2ts_process_pmt in media_tools/mpegts.c that can cause a denial of service via a crafted MP4 file.
- CVE-2020-23930Apr 21, 2021risk 0.00cvss —epss 0.01
An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function nhmldump_send_header located in write_nhml.c. It allows an attacker to cause Denial of Service.
- CVE-2020-23931Apr 21, 2021risk 0.00cvss —epss 0.01
An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read.
- CVE-2020-23932Apr 21, 2021risk 0.00cvss —epss 0.01
An issue was discovered in gpac before 1.0.1. A NULL pointer dereference exists in the function dump_isom_sdp located in filedump.c. It allows an attacker to cause Denial of Service.
- CVE-2020-23928Apr 21, 2021risk 0.00cvss —epss 0.01
An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read.
- CVE-2020-35979Apr 21, 2021risk 0.00cvss —epss 0.01
An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is heap-based buffer overflow in the function gp_rtp_builder_do_avc() in ietf/rtp_pck_mpeg4.c.
- CVE-2020-35982Apr 21, 2021risk 0.00cvss —epss 0.01
An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an invalid pointer dereference in the function gf_hinter_track_finalize() in media_tools/isom_hinter.c.
- CVE-2020-35981Apr 21, 2021risk 0.00cvss —epss 0.01
An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an invalid pointer dereference in the function SetupWriters() in isomedia/isom_store.c.
Page 18 of 21