Vulnerabilities (CVE)

Filtered by vendor Gpac Subscribe
Filtered by product Gpac
Total 317 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-4679 1 Gpac 1 Gpac 2024-11-19 N/A 5.5 MEDIUM
A use after free vulnerability exists in GPAC version 2.3-DEV-revrelease, specifically in the gf_filterpacket_del function in filter_core/filter.c at line 38. This vulnerability can lead to a double-free condition, which may cause the application to crash.
CVE-2023-37767 1 Gpac 1 Gpac 2024-11-14 N/A 5.5 MEDIUM
GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the BM_ParseIndexValueReplace function at /lib/libgpac.so.
CVE-2023-37174 1 Gpac 1 Gpac 2024-11-08 N/A 5.5 MEDIUM
GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the dump_isom_scene function at /mp4box/filedump.c.
CVE-2023-37766 1 Gpac 1 Gpac 2024-11-08 N/A 5.5 MEDIUM
GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the gf_isom_remove_user_data function at /lib/libgpac.so.
CVE-2023-37765 1 Gpac 1 Gpac 2024-11-08 N/A 5.5 MEDIUM
GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the gf_dump_vrml_sffield function at /lib/libgpac.so.
CVE-2021-4043 2 Debian, Gpac 2 Debian Linux, Gpac 2024-11-08 4.3 MEDIUM 5.5 MEDIUM
NULL Pointer Dereference in GitHub repository gpac/gpac prior to 1.1.0.
CVE-2024-6061 1 Gpac 1 Gpac 2024-09-25 1.7 LOW 5.5 MEDIUM
A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this vulnerability is the function isoffin_process of the file src/filters/isoffin_read.c of the component MP4Box. The manipulation leads to infinite loop. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The identifier of the patch is 20c0f29139a82779b86453ce7f68d0681ec7624c. It is recommended to apply a patch to fix this issue. The identifier VDB-268789 was assigned to this vulnerability.
CVE-2024-6062 1 Gpac 1 Gpac 2024-09-25 1.7 LOW 5.5 MEDIUM
A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this issue is the function swf_svg_add_iso_sample of the file src/filters/load_text.c of the component MP4Box. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as 31e499d310a48bd17c8b055a0bfe0fe35887a7cd. It is recommended to apply a patch to fix this issue. VDB-268790 is the identifier assigned to this vulnerability.
CVE-2024-6063 1 Gpac 1 Gpac 2024-09-25 1.7 LOW 5.5 MEDIUM
A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master. It has been classified as problematic. This affects the function m2tsdmx_on_event of the file src/filters/dmx_m2ts.c of the component MP4Box. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named 8767ed0a77c4b02287db3723e92c2169f67c85d5. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-268791.
CVE-2024-6064 1 Gpac 1 Gpac 2024-09-25 4.3 MEDIUM 5.5 MEDIUM
A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master. It has been declared as problematic. This vulnerability affects the function xmt_node_end of the file src/scene_manager/loader_xmt.c of the component MP4Box. The manipulation leads to use after free. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The name of the patch is f4b3e4d2f91bc1749e7a924a8ab171af03a355a8/c1b9c794bad8f262c56f3cf690567980d96662f5. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-268792.
CVE-2023-46927 1 Gpac 1 Gpac 2024-09-12 N/A 5.5 MEDIUM
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in gf_isom_use_compact_size gpac/src/isomedia/isom_write.c:3403:3 in gpac/MP4Box.
CVE-2023-46930 1 Gpac 1 Gpac 2024-09-06 N/A 5.5 MEDIUM
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gf_isom_find_od_id_for_track /afltest/gpac/src/isomedia/media_odf.c:522:14.
CVE-2023-46931 1 Gpac 1 Gpac 2024-09-06 N/A 5.5 MEDIUM
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in ffdmx_parse_side_data /afltest/gpac/src/filters/ff_dmx.c:202:14 in gpac/MP4Box.
CVE-2023-46928 1 Gpac 1 Gpac 2024-09-06 N/A 5.5 MEDIUM
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gf_media_change_pl /afltest/gpac/src/media_tools/isom_tools.c:3293:42.
CVE-2023-46001 1 Gpac 1 Gpac 2024-09-05 N/A 5.5 MEDIUM
Buffer Overflow vulnerability in gpac MP4Box v.2.3-DEV-rev573-g201320819-master allows a local attacker to cause a denial of service via the gpac/src/isomedia/isom_read.c:2807:51 function in gf_isom_get_user_data.
CVE-2023-47384 1 Gpac 1 Gpac 2024-09-03 N/A 5.5 MEDIUM
MP4Box GPAC v2.3-DEV-rev617-g671976fcc-master was discovered to contain a memory leak in the function gf_isom_add_chapter at /isomedia/isom_write.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
CVE-2023-48011 1 Gpac 1 Gpac 2024-08-29 N/A 7.8 HIGH
GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a heap-use-after-free via the flush_ref_samples function at /gpac/src/isomedia/movie_fragments.c.
CVE-2023-0841 1 Gpac 1 Gpac 2024-05-28 7.5 HIGH 8.8 HIGH
A vulnerability, which was classified as critical, has been found in GPAC 2.3-DEV-rev40-g3602a5ded. This issue affects the function mp3_dmx_process of the file filters/reframe_mp3.c. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221087.
CVE-2024-24267 1 Gpac 1 Gpac 2024-05-28 N/A 7.5 HIGH
gpac v2.2.1 was discovered to contain a memory leak via the gfio_blob variable in the gf_fileio_from_blob function.
CVE-2023-1452 1 Gpac 1 Gpac 2024-05-17 4.3 MEDIUM 7.8 HIGH
A vulnerability was found in GPAC 2.3-DEV-rev35-gbbca86917-master. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file filters/load_text.c. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The identifier VDB-223297 was assigned to this vulnerability.