Filtered by vendor Gpac
Subscriptions
Total
341 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-24577 | 1 Gpac | 1 Gpac | 2024-08-03 | 7.8 High |
| GPAC 1.0.1 is affected by a NULL pointer dereference in gf_utf8_wcslen. (gf_utf8_wcslen is a renamed Unicode utf8_wcslen function.) | ||||
| CVE-2022-24576 | 1 Gpac | 1 Gpac | 2024-08-03 | 5.5 Medium |
| GPAC 1.0.1 is affected by Use After Free through MP4Box. | ||||
| CVE-2022-24574 | 1 Gpac | 1 Gpac | 2024-08-03 | 5.5 Medium |
| GPAC 1.0.1 is affected by a NULL pointer dereference in gf_dump_vrml_field.isra (). | ||||
| CVE-2022-24249 | 1 Gpac | 1 Gpac | 2024-08-03 | 5.5 Medium |
| A Null Pointer Dereference vulnerability exists in GPAC 1.1.0 via the xtra_box_write function in /box_code_base.c, which causes a Denial of Service. This vulnerability was fixed in commit 71f9871. | ||||
| CVE-2022-4202 | 1 Gpac | 1 Gpac | 2024-08-03 | 6.3 Medium |
| A vulnerability, which was classified as problematic, was found in GPAC 2.1-DEV-rev490-g68064e101-master. Affected is the function lsr_translate_coords of the file laser/lsr_dec.c. The manipulation leads to integer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is b3d821c4ae9ba62b3a194d9dcb5e99f17bd56908. It is recommended to apply a patch to fix this issue. VDB-214518 is the identifier assigned to this vulnerability. | ||||
| CVE-2022-3957 | 1 Gpac | 1 Gpac | 2024-08-03 | 4.3 Medium |
| A vulnerability classified as problematic was found in GPAC. Affected by this vulnerability is the function svg_parse_preserveaspectratio of the file scenegraph/svg_attributes.c of the component SVG Parser. The manipulation leads to memory leak. The attack can be launched remotely. The name of the patch is 2191e66aa7df750e8ef01781b1930bea87b713bb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213463. | ||||
| CVE-2022-3178 | 1 Gpac | 1 Gpac | 2024-08-03 | 7.8 High |
| Buffer Over-read in GitHub repository gpac/gpac prior to 2.1.0-DEV. | ||||
| CVE-2022-3222 | 1 Gpac | 1 Gpac | 2024-08-03 | 5.5 Medium |
| Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV. | ||||
| CVE-2022-2549 | 1 Gpac | 1 Gpac | 2024-08-03 | 5.5 Medium |
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to v2.1.0-DEV. | ||||
| CVE-2022-2454 | 1 Gpac | 1 Gpac | 2024-08-03 | 7.8 High |
| Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.1-DEV. | ||||
| CVE-2022-2453 | 1 Gpac | 1 Gpac | 2024-08-03 | 7.8 High |
| Use After Free in GitHub repository gpac/gpac prior to 2.1-DEV. | ||||
| CVE-2022-1795 | 1 Gpac | 1 Gpac | 2024-08-03 | 9.8 Critical |
| Use After Free in GitHub repository gpac/gpac prior to v2.1.0-DEV. | ||||
| CVE-2022-1441 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2024-08-03 | 7.8 High |
| MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion. When MP4Box tries to parse a MP4 file, it calls the function `diST_box_read()` to read from video. In this function, it allocates a buffer `str` with fixed length. However, content read from `bs` is controllable by user, so is the length, which causes a buffer overflow. | ||||
| CVE-2022-1172 | 1 Gpac | 1 Gpac | 2024-08-02 | 5.0 Medium |
| Null Pointer Dereference Caused Segmentation Fault in GitHub repository gpac/gpac prior to 2.1.0-DEV. | ||||
| CVE-2022-1222 | 1 Gpac | 1 Gpac | 2024-08-02 | 5.5 Medium |
| Inf loop in GitHub repository gpac/gpac prior to 2.1.0-DEV. | ||||
| CVE-2022-1035 | 1 Gpac | 1 Gpac | 2024-08-02 | 5.5 Medium |
| Segmentation Fault caused by MP4Box -lsr in GitHub repository gpac/gpac prior to 2.1.0-DEV. | ||||
| CVE-2023-50120 | 1 Gpac | 1 Gpac | 2024-08-02 | 5.5 Medium |
| MP4Box GPAC version 2.3-DEV-rev636-gfbd7e13aa-master was discovered to contain an infinite loop in the function av1_uvlc at media_tools/av_parsers.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file. | ||||
| CVE-2023-48958 | 1 Gpac | 1 Gpac | 2024-08-02 | 5.5 Medium |
| gpac 2.3-DEV-rev617-g671976fcc-master contains memory leaks in gf_mpd_resolve_url media_tools/mpd.c:4589. | ||||
| CVE-2023-48090 | 1 Gpac | 1 Gpac | 2024-08-02 | 7.1 High |
| GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leaks in extract_attributes media_tools/m3u8.c:329. | ||||
| CVE-2023-48039 | 1 Gpac | 1 Gpac | 2024-08-02 | 5.5 Medium |
| GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leak in gf_mpd_parse_string media_tools/mpd.c:75. | ||||