Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Gpac Project Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-20763 3 Canonical, Debian, Gpac Project 3 Ubuntu Linux, Debian Linux, Gpac 2019-04-15 6.8 MEDIUM 7.8 HIGH
In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because of missing szLineConv bounds checking.
CVE-2018-20761 3 Canonical, Debian, Gpac Project 3 Ubuntu Linux, Debian Linux, Gpac 2019-04-15 6.8 MEDIUM 7.8 HIGH
GPAC version 0.7.1 and earlier has a Buffer Overflow vulnerability in the gf_sm_load_init function in scene_manager.c in libgpac_static.a.
CVE-2018-20762 3 Canonical, Debian, Gpac Project 3 Ubuntu Linux, Debian Linux, Gpac 2019-04-15 6.8 MEDIUM 7.8 HIGH
GPAC version 0.7.1 and earlier has a buffer overflow vulnerability in the cat_multiple_files function in applications/mp4box/fileimport.c when MP4Box is used for a local directory containing crafted filenames.
CVE-2018-1000100 2 Canonical, Gpac Project 2 Ubuntu Linux, Gpac 2019-04-03 6.8 MEDIUM 7.8 HIGH
GPAC MP4Box version 0.7.1 and earlier contains a Buffer Overflow vulnerability in src/isomedia/avc_ext.c lines 2417 to 2420 that can result in Heap chunks being modified, this could lead to RCE. This attack appear to be exploitable via an attacker supplied MP4 file that when run by the victim may result in RCE.