Filtered by vendor Gpac Subscriptions
Filtered by product Gpac Subscriptions
Total 341 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-29339 1 Gpac 1 Gpac 2024-08-03 7.5 High
In GPAC 2.1-DEV-rev87-g053aae8-master, function BS_ReadByte() in utils/bitstream.c has a failed assertion, which causes a Denial of Service. This vulnerability was fixed in commit 9ea93a2.
CVE-2022-27148 1 Gpac 1 Gpac 2024-08-03 5.5 Medium
GPAC mp4box 1.1.0-DEV-rev1663-g881c6a94a-master is vulnerable to Integer Overflow.
CVE-2022-27146 1 Gpac 1 Gpac 2024-08-03 5.5 Medium
GPAC mp4box 1.1.0-DEV-rev1759-geb2d1e6dd-has a heap-buffer-overflow vulnerability in function gf_isom_apple_enum_tag.
CVE-2022-27145 1 Gpac 1 Gpac 2024-08-03 5.5 Medium
GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a stack-overflow vulnerability in function gf_isom_get_sample_for_movie_time of mp4box.
CVE-2022-27147 1 Gpac 1 Gpac 2024-08-03 5.5 Medium
GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a use-after-free vulnerability in function gf_node_get_attribute_by_tag.
CVE-2022-26967 1 Gpac 1 Gpac 2024-08-03 7.8 High
GPAC 2.0 allows a heap-based buffer overflow in gf_base64_encode. It can be triggered via MP4Box.
CVE-2022-24578 1 Gpac 1 Gpac 2024-08-03 7.8 High
GPAC 1.0.1 is affected by a heap-based buffer overflow in SFS_AddString () at bifs/script_dec.c.
CVE-2022-24575 1 Gpac 1 Gpac 2024-08-03 7.8 High
GPAC 1.0.1 is affected by a stack-based buffer overflow through MP4Box.
CVE-2022-24577 1 Gpac 1 Gpac 2024-08-03 7.8 High
GPAC 1.0.1 is affected by a NULL pointer dereference in gf_utf8_wcslen. (gf_utf8_wcslen is a renamed Unicode utf8_wcslen function.)
CVE-2022-24576 1 Gpac 1 Gpac 2024-08-03 5.5 Medium
GPAC 1.0.1 is affected by Use After Free through MP4Box.
CVE-2022-24574 1 Gpac 1 Gpac 2024-08-03 5.5 Medium
GPAC 1.0.1 is affected by a NULL pointer dereference in gf_dump_vrml_field.isra ().
CVE-2022-24249 1 Gpac 1 Gpac 2024-08-03 5.5 Medium
A Null Pointer Dereference vulnerability exists in GPAC 1.1.0 via the xtra_box_write function in /box_code_base.c, which causes a Denial of Service. This vulnerability was fixed in commit 71f9871.
CVE-2022-4202 1 Gpac 1 Gpac 2024-08-03 6.3 Medium
A vulnerability, which was classified as problematic, was found in GPAC 2.1-DEV-rev490-g68064e101-master. Affected is the function lsr_translate_coords of the file laser/lsr_dec.c. The manipulation leads to integer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is b3d821c4ae9ba62b3a194d9dcb5e99f17bd56908. It is recommended to apply a patch to fix this issue. VDB-214518 is the identifier assigned to this vulnerability.
CVE-2022-3957 1 Gpac 1 Gpac 2024-08-03 4.3 Medium
A vulnerability classified as problematic was found in GPAC. Affected by this vulnerability is the function svg_parse_preserveaspectratio of the file scenegraph/svg_attributes.c of the component SVG Parser. The manipulation leads to memory leak. The attack can be launched remotely. The name of the patch is 2191e66aa7df750e8ef01781b1930bea87b713bb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213463.
CVE-2022-3178 1 Gpac 1 Gpac 2024-08-03 7.8 High
Buffer Over-read in GitHub repository gpac/gpac prior to 2.1.0-DEV.
CVE-2022-3222 1 Gpac 1 Gpac 2024-08-03 5.5 Medium
Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV.
CVE-2022-2549 1 Gpac 1 Gpac 2024-08-03 5.5 Medium
NULL Pointer Dereference in GitHub repository gpac/gpac prior to v2.1.0-DEV.
CVE-2022-2454 1 Gpac 1 Gpac 2024-08-03 7.8 High
Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.1-DEV.
CVE-2022-2453 1 Gpac 1 Gpac 2024-08-03 7.8 High
Use After Free in GitHub repository gpac/gpac prior to 2.1-DEV.
CVE-2022-1795 1 Gpac 1 Gpac 2024-08-03 9.8 Critical
Use After Free in GitHub repository gpac/gpac prior to v2.1.0-DEV.