Filtered by vendor Gpac
Subscriptions
Filtered by product Gpac
Subscriptions
Total
341 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-29339 | 1 Gpac | 1 Gpac | 2024-08-03 | 7.5 High |
| In GPAC 2.1-DEV-rev87-g053aae8-master, function BS_ReadByte() in utils/bitstream.c has a failed assertion, which causes a Denial of Service. This vulnerability was fixed in commit 9ea93a2. | ||||
| CVE-2022-27148 | 1 Gpac | 1 Gpac | 2024-08-03 | 5.5 Medium |
| GPAC mp4box 1.1.0-DEV-rev1663-g881c6a94a-master is vulnerable to Integer Overflow. | ||||
| CVE-2022-27146 | 1 Gpac | 1 Gpac | 2024-08-03 | 5.5 Medium |
| GPAC mp4box 1.1.0-DEV-rev1759-geb2d1e6dd-has a heap-buffer-overflow vulnerability in function gf_isom_apple_enum_tag. | ||||
| CVE-2022-27145 | 1 Gpac | 1 Gpac | 2024-08-03 | 5.5 Medium |
| GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a stack-overflow vulnerability in function gf_isom_get_sample_for_movie_time of mp4box. | ||||
| CVE-2022-27147 | 1 Gpac | 1 Gpac | 2024-08-03 | 5.5 Medium |
| GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a use-after-free vulnerability in function gf_node_get_attribute_by_tag. | ||||
| CVE-2022-26967 | 1 Gpac | 1 Gpac | 2024-08-03 | 7.8 High |
| GPAC 2.0 allows a heap-based buffer overflow in gf_base64_encode. It can be triggered via MP4Box. | ||||
| CVE-2022-24578 | 1 Gpac | 1 Gpac | 2024-08-03 | 7.8 High |
| GPAC 1.0.1 is affected by a heap-based buffer overflow in SFS_AddString () at bifs/script_dec.c. | ||||
| CVE-2022-24575 | 1 Gpac | 1 Gpac | 2024-08-03 | 7.8 High |
| GPAC 1.0.1 is affected by a stack-based buffer overflow through MP4Box. | ||||
| CVE-2022-24577 | 1 Gpac | 1 Gpac | 2024-08-03 | 7.8 High |
| GPAC 1.0.1 is affected by a NULL pointer dereference in gf_utf8_wcslen. (gf_utf8_wcslen is a renamed Unicode utf8_wcslen function.) | ||||
| CVE-2022-24576 | 1 Gpac | 1 Gpac | 2024-08-03 | 5.5 Medium |
| GPAC 1.0.1 is affected by Use After Free through MP4Box. | ||||
| CVE-2022-24574 | 1 Gpac | 1 Gpac | 2024-08-03 | 5.5 Medium |
| GPAC 1.0.1 is affected by a NULL pointer dereference in gf_dump_vrml_field.isra (). | ||||
| CVE-2022-24249 | 1 Gpac | 1 Gpac | 2024-08-03 | 5.5 Medium |
| A Null Pointer Dereference vulnerability exists in GPAC 1.1.0 via the xtra_box_write function in /box_code_base.c, which causes a Denial of Service. This vulnerability was fixed in commit 71f9871. | ||||
| CVE-2022-4202 | 1 Gpac | 1 Gpac | 2024-08-03 | 6.3 Medium |
| A vulnerability, which was classified as problematic, was found in GPAC 2.1-DEV-rev490-g68064e101-master. Affected is the function lsr_translate_coords of the file laser/lsr_dec.c. The manipulation leads to integer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is b3d821c4ae9ba62b3a194d9dcb5e99f17bd56908. It is recommended to apply a patch to fix this issue. VDB-214518 is the identifier assigned to this vulnerability. | ||||
| CVE-2022-3957 | 1 Gpac | 1 Gpac | 2024-08-03 | 4.3 Medium |
| A vulnerability classified as problematic was found in GPAC. Affected by this vulnerability is the function svg_parse_preserveaspectratio of the file scenegraph/svg_attributes.c of the component SVG Parser. The manipulation leads to memory leak. The attack can be launched remotely. The name of the patch is 2191e66aa7df750e8ef01781b1930bea87b713bb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213463. | ||||
| CVE-2022-3178 | 1 Gpac | 1 Gpac | 2024-08-03 | 7.8 High |
| Buffer Over-read in GitHub repository gpac/gpac prior to 2.1.0-DEV. | ||||
| CVE-2022-3222 | 1 Gpac | 1 Gpac | 2024-08-03 | 5.5 Medium |
| Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV. | ||||
| CVE-2022-2549 | 1 Gpac | 1 Gpac | 2024-08-03 | 5.5 Medium |
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to v2.1.0-DEV. | ||||
| CVE-2022-2454 | 1 Gpac | 1 Gpac | 2024-08-03 | 7.8 High |
| Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.1-DEV. | ||||
| CVE-2022-2453 | 1 Gpac | 1 Gpac | 2024-08-03 | 7.8 High |
| Use After Free in GitHub repository gpac/gpac prior to 2.1-DEV. | ||||
| CVE-2022-1795 | 1 Gpac | 1 Gpac | 2024-08-03 | 9.8 Critical |
| Use After Free in GitHub repository gpac/gpac prior to v2.1.0-DEV. | ||||