Gpac
by Gpac
Source repositories
CVEs (414)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-0322 | 0.00 | — | 0.01 | Jan 8, 2024 | Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. | |||
| CVE-2024-0321 | 0.00 | — | 0.01 | Jan 8, 2024 | Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV. | |||
| CVE-2023-46929 | 0.00 | — | 0.01 | Jan 3, 2024 | An issue discovered in GPAC 2.3-DEV-rev605-gfc9e29089-master in MP4Box in gf_avc_change_vui /afltest/gpac/src/media_tools/av_parsers.c:6872:55 allows attackers to crash the application. | |||
| CVE-2023-47465 | 0.00 | — | 0.00 | Dec 9, 2023 | An issue in GPAC v.2.2.1 and before allows a local attacker to cause a denial of service (DoS) via the ctts_box_read function of file src/isomedia/box_code_base.c. | |||
| CVE-2023-46932 | 0.00 | — | 0.01 | Dec 9, 2023 | Heap Buffer Overflow vulnerability in GPAC version 2.3-DEV-rev617-g671976fcc-master, allows attackers to execute arbitrary code and cause a denial of service (DoS) via str2ulong class in src/media_tools/avilib.c in gpac/MP4Box. | |||
| CVE-2023-48958 | 0.00 | — | 0.00 | Dec 7, 2023 | gpac 2.3-DEV-rev617-g671976fcc-master contains memory leaks in gf_mpd_resolve_url media_tools/mpd.c:4589. | |||
| CVE-2023-46871 | 0.00 | — | 0.01 | Dec 7, 2023 | GPAC version 2.3-DEV-rev602-ged8424300-master in MP4Box contains a memory leak in NewSFDouble scenegraph/vrml_tools.c:300. This vulnerability may lead to a denial of service. | |||
| CVE-2023-48090 | 0.00 | — | 0.00 | Nov 20, 2023 | GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leaks in extract_attributes media_tools/m3u8.c:329. | |||
| CVE-2023-48039 | 0.00 | — | 0.00 | Nov 20, 2023 | GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leak in gf_mpd_parse_string media_tools/mpd.c:75. | |||
| CVE-2023-48011 | 0.00 | — | 0.00 | Nov 15, 2023 | GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a heap-use-after-free via the flush_ref_samples function at /gpac/src/isomedia/movie_fragments.c. | |||
| CVE-2023-48014 | 0.00 | — | 0.00 | Nov 15, 2023 | GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a stack overflow via the hevc_parse_vps_extension function at /media_tools/av_parsers.c. | |||
| CVE-2023-48013 | 0.00 | — | 0.00 | Nov 15, 2023 | GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a double free via the gf_filterpacket_del function at /gpac/src/filter_core/filter.c. | |||
| CVE-2023-47384 | 0.00 | — | 0.00 | Nov 14, 2023 | MP4Box GPAC v2.3-DEV-rev617-g671976fcc-master was discovered to contain a memory leak in the function gf_isom_add_chapter at /isomedia/isom_write.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file. | |||
| CVE-2023-5998 | 0.00 | — | 0.01 | Nov 7, 2023 | Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3.0-DEV. | |||
| CVE-2023-46001 | 0.00 | — | 0.00 | Nov 7, 2023 | Buffer Overflow vulnerability in gpac MP4Box v.2.3-DEV-rev573-g201320819-master allows a local attacker to cause a denial of service via the gpac/src/isomedia/isom_read.c:2807:51 function in gf_isom_get_user_data. | |||
| CVE-2023-46927 | 0.00 | — | 0.00 | Nov 1, 2023 | GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in gf_isom_use_compact_size gpac/src/isomedia/isom_write.c:3403:3 in gpac/MP4Box. | |||
| CVE-2023-46930 | 0.00 | — | 0.00 | Nov 1, 2023 | GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gf_isom_find_od_id_for_track /afltest/gpac/src/isomedia/media_odf.c:522:14. | |||
| CVE-2023-46928 | 0.00 | — | 0.00 | Nov 1, 2023 | GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gf_media_change_pl /afltest/gpac/src/media_tools/isom_tools.c:3293:42. | |||
| CVE-2023-46931 | 0.00 | — | 0.00 | Nov 1, 2023 | GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in ffdmx_parse_side_data /afltest/gpac/src/filters/ff_dmx.c:202:14 in gpac/MP4Box. | |||
| CVE-2023-5595 | 0.00 | — | 0.00 | Oct 16, 2023 | Denial of Service in GitHub repository gpac/gpac prior to 2.3.0-DEV. |
- CVE-2024-0322Jan 8, 2024risk 0.00cvss —epss 0.01
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.
- CVE-2024-0321Jan 8, 2024risk 0.00cvss —epss 0.01
Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.
- CVE-2023-46929Jan 3, 2024risk 0.00cvss —epss 0.01
An issue discovered in GPAC 2.3-DEV-rev605-gfc9e29089-master in MP4Box in gf_avc_change_vui /afltest/gpac/src/media_tools/av_parsers.c:6872:55 allows attackers to crash the application.
- CVE-2023-47465Dec 9, 2023risk 0.00cvss —epss 0.00
An issue in GPAC v.2.2.1 and before allows a local attacker to cause a denial of service (DoS) via the ctts_box_read function of file src/isomedia/box_code_base.c.
- CVE-2023-46932Dec 9, 2023risk 0.00cvss —epss 0.01
Heap Buffer Overflow vulnerability in GPAC version 2.3-DEV-rev617-g671976fcc-master, allows attackers to execute arbitrary code and cause a denial of service (DoS) via str2ulong class in src/media_tools/avilib.c in gpac/MP4Box.
- CVE-2023-48958Dec 7, 2023risk 0.00cvss —epss 0.00
gpac 2.3-DEV-rev617-g671976fcc-master contains memory leaks in gf_mpd_resolve_url media_tools/mpd.c:4589.
- CVE-2023-46871Dec 7, 2023risk 0.00cvss —epss 0.01
GPAC version 2.3-DEV-rev602-ged8424300-master in MP4Box contains a memory leak in NewSFDouble scenegraph/vrml_tools.c:300. This vulnerability may lead to a denial of service.
- CVE-2023-48090Nov 20, 2023risk 0.00cvss —epss 0.00
GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leaks in extract_attributes media_tools/m3u8.c:329.
- CVE-2023-48039Nov 20, 2023risk 0.00cvss —epss 0.00
GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leak in gf_mpd_parse_string media_tools/mpd.c:75.
- CVE-2023-48011Nov 15, 2023risk 0.00cvss —epss 0.00
GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a heap-use-after-free via the flush_ref_samples function at /gpac/src/isomedia/movie_fragments.c.
- CVE-2023-48014Nov 15, 2023risk 0.00cvss —epss 0.00
GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a stack overflow via the hevc_parse_vps_extension function at /media_tools/av_parsers.c.
- CVE-2023-48013Nov 15, 2023risk 0.00cvss —epss 0.00
GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a double free via the gf_filterpacket_del function at /gpac/src/filter_core/filter.c.
- CVE-2023-47384Nov 14, 2023risk 0.00cvss —epss 0.00
MP4Box GPAC v2.3-DEV-rev617-g671976fcc-master was discovered to contain a memory leak in the function gf_isom_add_chapter at /isomedia/isom_write.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
- CVE-2023-5998Nov 7, 2023risk 0.00cvss —epss 0.01
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3.0-DEV.
- CVE-2023-46001Nov 7, 2023risk 0.00cvss —epss 0.00
Buffer Overflow vulnerability in gpac MP4Box v.2.3-DEV-rev573-g201320819-master allows a local attacker to cause a denial of service via the gpac/src/isomedia/isom_read.c:2807:51 function in gf_isom_get_user_data.
- CVE-2023-46927Nov 1, 2023risk 0.00cvss —epss 0.00
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in gf_isom_use_compact_size gpac/src/isomedia/isom_write.c:3403:3 in gpac/MP4Box.
- CVE-2023-46930Nov 1, 2023risk 0.00cvss —epss 0.00
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gf_isom_find_od_id_for_track /afltest/gpac/src/isomedia/media_odf.c:522:14.
- CVE-2023-46928Nov 1, 2023risk 0.00cvss —epss 0.00
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gf_media_change_pl /afltest/gpac/src/media_tools/isom_tools.c:3293:42.
- CVE-2023-46931Nov 1, 2023risk 0.00cvss —epss 0.00
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in ffdmx_parse_side_data /afltest/gpac/src/filters/ff_dmx.c:202:14 in gpac/MP4Box.
- CVE-2023-5595Oct 16, 2023risk 0.00cvss —epss 0.00
Denial of Service in GitHub repository gpac/gpac prior to 2.3.0-DEV.
Page 5 of 21