Total
317 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-1449 | 1 Gpac | 1 Gpac | 2024-05-17 | 4.3 MEDIUM | 7.8 HIGH |
| A vulnerability has been found in GPAC 2.3-DEV-rev35-gbbca86917-master and classified as problematic. This vulnerability affects the function gf_av1_reset_state of the file media_tools/av_parsers.c. The manipulation leads to double free. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. VDB-223294 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-1448 | 1 Gpac | 1 Gpac | 2024-05-17 | 4.3 MEDIUM | 7.8 HIGH |
| A vulnerability, which was classified as problematic, was found in GPAC 2.3-DEV-rev35-gbbca86917-master. This affects the function gf_m2ts_process_sdt of the file media_tools/mpegts.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The identifier VDB-223293 was assigned to this vulnerability. | |||||
| CVE-2024-24266 | 1 Gpac | 1 Gpac | 2024-02-07 | N/A | 7.5 HIGH |
| gpac v2.2.1 was discovered to contain a Use-After-Free (UAF) vulnerability via the dasher_configure_pid function at /src/filters/dasher.c. | |||||
| CVE-2024-24265 | 1 Gpac | 1 Gpac | 2024-02-07 | N/A | 7.5 HIGH |
| gpac v2.2.1 was discovered to contain a memory leak via the dst_props variable in the gf_filter_pid_merge_properties_internal function. | |||||
| CVE-2023-48039 | 1 Gpac | 1 Gpac | 2024-02-05 | N/A | 5.5 MEDIUM |
| GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leak in gf_mpd_parse_string media_tools/mpd.c:75. | |||||
| CVE-2023-46871 | 1 Gpac | 1 Gpac | 2024-02-05 | N/A | 5.3 MEDIUM |
| GPAC version 2.3-DEV-rev602-ged8424300-master in MP4Box contains a memory leak in NewSFDouble scenegraph/vrml_tools.c:300. This vulnerability may lead to a denial of service. | |||||
| CVE-2023-47465 | 1 Gpac | 1 Gpac | 2024-02-05 | N/A | 5.5 MEDIUM |
| An issue in GPAC v.2.2.1 and before allows a local attacker to cause a denial of service (DoS) via the ctts_box_read function of file src/isomedia/box_code_base.c. | |||||
| CVE-2023-48014 | 1 Gpac | 1 Gpac | 2024-02-05 | N/A | 7.8 HIGH |
| GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a stack overflow via the hevc_parse_vps_extension function at /media_tools/av_parsers.c. | |||||
| CVE-2023-48958 | 1 Gpac | 1 Gpac | 2024-02-05 | N/A | 5.5 MEDIUM |
| gpac 2.3-DEV-rev617-g671976fcc-master contains memory leaks in gf_mpd_resolve_url media_tools/mpd.c:4589. | |||||
| CVE-2024-22749 | 1 Gpac | 1 Gpac | 2024-02-05 | N/A | 7.8 HIGH |
| GPAC v2.3 was detected to contain a buffer overflow via the function gf_isom_new_generic_sample_description function in the isomedia/isom_write.c:4577 | |||||
| CVE-2023-48090 | 1 Gpac | 1 Gpac | 2024-02-05 | N/A | 7.1 HIGH |
| GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leaks in extract_attributes media_tools/m3u8.c:329. | |||||
| CVE-2023-46932 | 1 Gpac | 1 Gpac | 2024-02-05 | N/A | 9.8 CRITICAL |
| Heap Buffer Overflow vulnerability in GPAC version 2.3-DEV-rev617-g671976fcc-master, allows attackers to execute arbitrary code and cause a denial of service (DoS) via str2ulong class in src/media_tools/avilib.c in gpac/MP4Box. | |||||
| CVE-2023-48013 | 1 Gpac | 1 Gpac | 2024-02-05 | N/A | 7.8 HIGH |
| GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a double free via the gf_filterpacket_del function at /gpac/src/filter_core/filter.c. | |||||
| CVE-2023-50120 | 1 Gpac | 1 Gpac | 2024-02-05 | N/A | 5.5 MEDIUM |
| MP4Box GPAC version 2.3-DEV-rev636-gfbd7e13aa-master was discovered to contain an infinite loop in the function av1_uvlc at media_tools/av_parsers.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file. | |||||
| CVE-2023-3291 | 1 Gpac | 1 Gpac | 2024-02-04 | N/A | 3.3 LOW |
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2. | |||||
| CVE-2023-2838 | 1 Gpac | 1 Gpac | 2024-02-04 | N/A | 9.1 CRITICAL |
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2. | |||||
| CVE-2023-2839 | 1 Gpac | 1 Gpac | 2024-02-04 | N/A | 7.5 HIGH |
| Divide By Zero in GitHub repository gpac/gpac prior to 2.2.2. | |||||
| CVE-2023-2840 | 1 Gpac | 1 Gpac | 2024-02-04 | N/A | 9.8 CRITICAL |
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.2.2. | |||||
| CVE-2023-2837 | 1 Gpac | 1 Gpac | 2024-02-04 | N/A | 5.5 MEDIUM |
| Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2. | |||||
| CVE-2023-3013 | 1 Gpac | 1 Gpac | 2024-02-04 | N/A | 7.1 HIGH |
| Unchecked Return Value in GitHub repository gpac/gpac prior to 2.2.2. | |||||