Total
277 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-21015 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2023-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| AVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. There is "cfg_new->AVCLevelIndication = cfg->AVCLevelIndication;" but cfg could be NULL. | |||||
| CVE-2018-21016 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2023-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| audio_sample_entry_AddBox() at isomedia/box_code_base.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. | |||||
| CVE-2023-0866 | 1 Gpac | 1 Gpac | 2023-02-24 | N/A | 7.8 HIGH |
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3.0-DEV. | |||||
| CVE-2023-0841 | 1 Gpac | 1 Gpac | 2023-02-22 | N/A | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in GPAC 2.3-DEV-rev40-g3602a5ded. This issue affects the function mp3_dmx_process of the file filters/reframe_mp3.c. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221087. | |||||
| CVE-2023-0818 | 1 Gpac | 1 Gpac | 2023-02-22 | N/A | 5.5 MEDIUM |
| Off-by-one Error in GitHub repository gpac/gpac prior to v2.3.0-DEV. | |||||
| CVE-2023-0817 | 1 Gpac | 1 Gpac | 2023-02-22 | N/A | 7.8 HIGH |
| Buffer Over-read in GitHub repository gpac/gpac prior to v2.3.0-DEV. | |||||
| CVE-2023-0819 | 1 Gpac | 1 Gpac | 2023-02-22 | N/A | 7.8 HIGH |
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to v2.3.0-DEV. | |||||
| CVE-2023-0770 | 1 Gpac | 1 Gpac | 2023-02-16 | N/A | 7.8 HIGH |
| Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2. | |||||
| CVE-2023-0760 | 1 Gpac | 1 Gpac | 2023-02-16 | N/A | 7.8 HIGH |
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to V2.1.0-DEV. | |||||
| CVE-2022-4202 | 1 Gpac | 1 Gpac | 2023-02-01 | N/A | 8.8 HIGH |
| A vulnerability, which was classified as problematic, was found in GPAC 2.1-DEV-rev490-g68064e101-master. Affected is the function lsr_translate_coords of the file laser/lsr_dec.c. The manipulation leads to integer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is b3d821c4ae9ba62b3a194d9dcb5e99f17bd56908. It is recommended to apply a patch to fix this issue. VDB-214518 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-23143 | 1 Gpac | 1 Gpac | 2023-02-01 | N/A | 7.8 HIGH |
| Buffer overflow vulnerability in function avc_parse_slice in file media_tools/av_parsers.c. GPAC version 2.3-DEV-rev1-g4669ba229-master. | |||||
| CVE-2023-23144 | 1 Gpac | 1 Gpac | 2023-02-01 | N/A | 5.5 MEDIUM |
| Integer overflow vulnerability in function Q_DecCoordOnUnitSphere file bifs/unquantize.c in GPAC version 2.2-rev0-gab012bbfb-master. | |||||
| CVE-2023-23145 | 1 Gpac | 1 Gpac | 2023-02-01 | N/A | 7.8 HIGH |
| GPAC version 2.2-rev0-gab012bbfb-master was discovered to contain a memory leak in lsr_read_rare_full function. | |||||
| CVE-2023-0358 | 1 Gpac | 1 Gpac | 2023-01-25 | N/A | 7.8 HIGH |
| Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV. | |||||
| CVE-2019-20208 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2023-01-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| dimC_Read in isomedia/box_code_3gpp.c in GPAC 0.8.0 has a stack-based buffer overflow. | |||||
| CVE-2022-47663 | 1 Gpac | 1 Gpac | 2023-01-11 | N/A | 7.8 HIGH |
| GPAC MP4box 2.1-DEV-rev649-ga8f438d20 is vulnerable to buffer overflow in h263dmx_process filters/reframe_h263.c:609 | |||||
| CVE-2022-47662 | 1 Gpac | 1 Gpac | 2023-01-11 | N/A | 5.5 MEDIUM |
| GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 has a segment fault (/stack overflow) due to infinite recursion in Media_GetSample isomedia/media.c:662 | |||||
| CVE-2022-47661 | 1 Gpac | 1 Gpac | 2023-01-11 | N/A | 7.8 HIGH |
| GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 is vulnerable to Buffer Overflow via media_tools/av_parsers.c:4988 in gf_media_nalu_add_emulation_bytes | |||||
| CVE-2022-47086 | 1 Gpac | 1 Gpac | 2023-01-11 | N/A | 5.5 MEDIUM |
| GPAC MP4Box v2.1-DEV-rev574-g9d5bb184b contains a segmentation violation via the function gf_sm_load_init_swf at scene_manager/swf_parse.c | |||||
| CVE-2022-46490 | 1 Gpac | 1 Gpac | 2023-01-11 | N/A | 5.5 MEDIUM |
| GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the afrt_box_read function at box_code_adobe.c. | |||||