Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Gpac Subscribe
Total 281 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-11558 1 Gpac 1 Gpac 2020-04-06 7.5 HIGH 9.8 CRITICAL
An issue was discovered in libgpac.a in GPAC 0.8.0, as demonstrated by MP4Box. audio_sample_entry_Read in isomedia/box_code_base.c does not properly decide when to make gf_isom_box_del calls. This leads to various use-after-free outcomes involving mdia_Read, gf_isom_delete_movie, and gf_isom_parse_movie_boxes.
CVE-2019-20632 1 Gpac 1 Gpac 2020-03-25 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid pointer dereference in gf_odf_delete_descriptor in odf/desc_private.c that can cause a denial of service via a crafted MP4 file.
CVE-2019-20631 1 Gpac 1 Gpac 2020-03-25 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid pointer dereference in gf_list_count in utils/list.c that can cause a denial of service via a crafted MP4 file.
CVE-2019-20630 1 Gpac 1 Gpac 2020-03-25 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer over-read in BS_ReadByte (called from gf_bs_read_bit) in utils/bitstream.c that can cause a denial of service via a crafted MP4 file.
CVE-2019-20629 1 Gpac 1 Gpac 2020-03-25 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer over-read in gf_m2ts_process_pmt in media_tools/mpegts.c that can cause a denial of service via a crafted MP4 file.
CVE-2019-20628 1 Gpac 1 Gpac 2020-03-25 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains a Use-After-Free vulnerability in gf_m2ts_process_pmt in media_tools/mpegts.c that can cause a denial of service via a crafted MP4 file.
CVE-2019-13618 1 Gpac 1 Gpac 2020-01-20 5.0 MEDIUM 7.5 HIGH
In GPAC before 0.8.0, isomedia/isom_read.c in libgpac.a has a heap-based buffer over-read, as demonstrated by a crash in gf_m2ts_sync in media_tools/mpegts.c.
CVE-2020-6630 1 Gpac 1 Gpac 2020-01-14 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in GPAC version 0.8.0. There is a NULL pointer dereference in the function gf_isom_get_media_data_size() in isomedia/isom_read.c.
CVE-2020-6631 1 Gpac 1 Gpac 2020-01-14 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in GPAC version 0.8.0. There is a NULL pointer dereference in the function gf_m2ts_stream_process_pmt() in media_tools/m2ts_mux.c.
CVE-2019-20164 1 Gpac 1 Gpac 2020-01-02 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointer dereference in the function gf_isom_box_del() in isomedia/box_funcs.c.
CVE-2019-20166 1 Gpac 1 Gpac 2020-01-02 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointer dereference in the function gf_isom_dump() in isomedia/box_dump.c.
CVE-2019-20167 1 Gpac 1 Gpac 2020-01-02 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointer dereference in the function senc_Parse() in isomedia/box_code_drm.c.
CVE-2019-20169 1 Gpac 1 Gpac 2020-01-02 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a use-after-free in the function trak_Read() in isomedia/box_code_base.c.
CVE-2019-20168 1 Gpac 1 Gpac 2020-01-02 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a use-after-free in the function gf_isom_box_dump_ex() in isomedia/box_funcs.c.
CVE-2019-20160 1 Gpac 1 Gpac 2020-01-02 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a stack-based buffer overflow in the function av1_parse_tile_group() in media_tools/av_parsers.c.
CVE-2019-12482 1 Gpac 1 Gpac 2019-06-30 5.0 MEDIUM 7.5 HIGH
An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function gf_isom_get_original_format_type at isomedia/drm_sample.c in libgpac.a, as demonstrated by MP4Box.
CVE-2019-12481 1 Gpac 1 Gpac 2019-06-30 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function GetESD at isomedia/track.c in libgpac.a, as demonstrated by MP4Box.
CVE-2018-7752 3 Canonical, Debian, Gpac 3 Ubuntu Linux, Debian Linux, Gpac 2019-04-15 6.8 MEDIUM 7.8 HIGH
GPAC through 0.7.1 has a Buffer Overflow in the gf_media_avc_read_sps function in media_tools/av_parsers.c, a different vulnerability than CVE-2018-1000100.
CVE-2018-20760 3 Canonical, Debian, Gpac 3 Ubuntu Linux, Debian Linux, Gpac 2019-04-15 6.8 MEDIUM 7.8 HIGH
In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because a certain -1 return value is mishandled.
CVE-2018-13006 3 Canonical, Debian, Gpac 3 Ubuntu Linux, Debian Linux, Gpac 2019-03-29 7.5 HIGH 9.8 CRITICAL
An issue was discovered in MP4Box in GPAC 0.7.1. There is a heap-based buffer over-read in the isomedia/box_dump.c function hdlr_dump.