GPAC Security Vulnerabilities
A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master. It has been declared as problematic. This vulnerability affects the function xmt_node_end of the file src/scene_manager/loader_xmt.c of the component MP4Box. The manipulation leads to use after free. Local access is required to...
5.3CVSS
5.3AI Score
0.0004EPSS
A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master. It has been classified as problematic. This affects the function m2tsdmx_on_event of the file src/filters/dmx_m2ts.c of the component MP4Box. The manipulation leads to null pointer dereference. An attack has to be approached...
3.3CVSS
4AI Score
0.0004EPSS
A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this issue is the function swf_svg_add_iso_sample of the file src/filters/load_text.c of the component MP4Box. The manipulation leads to null pointer dereference. The attack needs to be...
3.3CVSS
4AI Score
0.0004EPSS
A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this vulnerability is the function isoffin_process of the file src/filters/isoffin_read.c of the component MP4Box. The manipulation leads to infinite loop. It is possible to launch...
3.3CVSS
4AI Score
0.0004EPSS
gpac v2.2.1 was discovered to contain a Use-After-Free (UAF) vulnerability via the dasher_configure_pid function at...
7.5CVSS
7.5AI Score
0.0005EPSS
gpac v2.2.1 was discovered to contain a memory leak via the dst_props variable in the gf_filter_pid_merge_properties_internal...
7.5CVSS
7.5AI Score
0.0005EPSS
gpac v2.2.1 was discovered to contain a memory leak via the gfio_blob variable in the gf_fileio_from_blob...
7.5CVSS
7.5AI Score
0.0005EPSS
GPAC v2.3 was detected to contain a buffer overflow via the function gf_isom_new_generic_sample_description function in the...
7.8CVSS
7.7AI Score
0.001EPSS
MP4Box GPAC version 2.3-DEV-rev636-gfbd7e13aa-master was discovered to contain an infinite loop in the function av1_uvlc at media_tools/av_parsers.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4...
5.5CVSS
5.2AI Score
0.0004EPSS
9.8CVSS
6.7AI Score
0.001EPSS
9.1CVSS
6.7AI Score
0.001EPSS
An issue discovered in GPAC 2.3-DEV-rev605-gfc9e29089-master in MP4Box in gf_avc_change_vui /afltest/gpac/src/media_tools/av_parsers.c:6872:55 allows attackers to crash the...
7.5CVSS
7.4AI Score
0.0005EPSS
Heap Buffer Overflow vulnerability in GPAC version 2.3-DEV-rev617-g671976fcc-master, allows attackers to execute arbitrary code and cause a denial of service (DoS) via str2ulong class in src/media_tools/avilib.c in...
9.8CVSS
9.6AI Score
0.001EPSS
An issue in GPAC v.2.2.1 and before allows a local attacker to cause a denial of service (DoS) via the ctts_box_read function of file...
5.5CVSS
5.4AI Score
0.0004EPSS
GPAC version 2.3-DEV-rev602-ged8424300-master in MP4Box contains a memory leak in NewSFDouble scenegraph/vrml_tools.c:300. This vulnerability may lead to a denial of...
5.3CVSS
5.3AI Score
0.0005EPSS
gpac 2.3-DEV-rev617-g671976fcc-master contains memory leaks in gf_mpd_resolve_url...
5.5CVSS
5.6AI Score
0.0004EPSS
GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leaks in extract_attributes...
7.1CVSS
6.7AI Score
0.0004EPSS
GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leak in gf_mpd_parse_string...
5.5CVSS
5.5AI Score
0.0004EPSS
GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a stack overflow via the hevc_parse_vps_extension function at...
7.8CVSS
7.7AI Score
0.001EPSS
GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a heap-use-after-free via the flush_ref_samples function at...
7.8CVSS
7.5AI Score
0.001EPSS
GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a double free via the gf_filterpacket_del function at...
7.8CVSS
7.5AI Score
0.001EPSS
MP4Box GPAC v2.3-DEV-rev617-g671976fcc-master was discovered to contain a memory leak in the function gf_isom_add_chapter at /isomedia/isom_write.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4...
5.5CVSS
5.2AI Score
0.0004EPSS
Buffer Overflow vulnerability in gpac MP4Box v.2.3-DEV-rev573-g201320819-master allows a local attacker to cause a denial of service via the gpac/src/isomedia/isom_read.c:2807:51 function in...
5.5CVSS
5.2AI Score
0.0004EPSS
7.5CVSS
5.7AI Score
0.0005EPSS
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in gf_isom_use_compact_size gpac/src/isomedia/isom_write.c:3403:3 in...
5.5CVSS
5.3AI Score
0.0004EPSS
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gf_media_change_pl...
5.5CVSS
5.3AI Score
0.0004EPSS
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in ffdmx_parse_side_data /afltest/gpac/src/filters/ff_dmx.c:202:14 in...
5.5CVSS
5.4AI Score
0.0004EPSS
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gf_isom_find_od_id_for_track...
5.5CVSS
5.3AI Score
0.0004EPSS
5.5CVSS
5.2AI Score
0.0004EPSS
7.8CVSS
5.8AI Score
0.001EPSS
An issue in GPAC GPAC v.2.2.1 and before allows a local attacker to cause a denial of service via the Q_DecCoordOnUnitSphere function of file...
5.5CVSS
5.2AI Score
0.0004EPSS
7.1CVSS
5.3AI Score
0.001EPSS
7.1CVSS
6AI Score
0.001EPSS
GPAC through 2.2.1 has a use-after-free vulnerability in the function gf_bifs_flush_command_list in...
5.5CVSS
5.4AI Score
0.0004EPSS
5.5CVSS
5.4AI Score
0.0004EPSS
5.5CVSS
5.4AI Score
0.0004EPSS
5.5CVSS
5.3AI Score
0.0004EPSS
5.5CVSS
5.2AI Score
0.0004EPSS
5.5CVSS
5.4AI Score
0.0005EPSS
5.5CVSS
5.4AI Score
0.0004EPSS
Floating Point Comparison with Incorrect Operator in GitHub repository gpac/gpac prior to...
5.5CVSS
4.8AI Score
0.0004EPSS
5.5CVSS
5.4AI Score
0.0004EPSS
5.5CVSS
5.2AI Score
0.0004EPSS
5.5CVSS
5.4AI Score
0.0004EPSS
5.5CVSS
5.2AI Score
0.0004EPSS
5.5CVSS
5.2AI Score
0.0004EPSS
GPAC v2.3-DEV-rev449-g5948e4f70-master was discovered to contain a heap-use-after-free via the gf_bs_align function at bitstream.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted...
5.5CVSS
5.3AI Score
0.0004EPSS
GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the BM_ParseIndexValueReplace function at...
5.5CVSS
5.4AI Score
0.0004EPSS
GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the gf_dump_vrml_sffield function at...
5.5CVSS
5.4AI Score
0.0004EPSS
GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the dump_isom_scene function at...
5.5CVSS
5.4AI Score
0.0004EPSS