CPE Details
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:gpac:gpac:1.1.0:1.1.0-dev-rev1727-g8be34973d-master:*:*:*:*:*:*
Informations
Vendor
gpacProduct
gpacVersion
1.1.0Update
1.1.0-dev-rev1727-g8be34973d-masterRelated CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. | 9.1 |
Critical |
||
| Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV. | 9.8 |
Critical |
||
| An issue in GPAC v.2.2.1 and before allows a local attacker to cause a denial of service (DoS) via the ctts_box_read function of file src/isomedia/box_code_base.c. | 5.5 |
Medium |
||
| GPAC version 2.3-DEV-rev602-ged8424300-master in MP4Box contains a memory leak in NewSFDouble scenegraph/vrml_tools.c:300. This vulnerability may lead to a denial of service. | 5.3 |
Medium |
||
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3.0-DEV. | 7.5 |
High |
||
| Denial of Service in GitHub repository gpac/gpac prior to 2.3.0-DEV. | 5.5 |
Medium |
||
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3.0-DEV. | 7.8 |
High |
||
| An issue in GPAC GPAC v.2.2.1 and before allows a local attacker to cause a denial of service via the Q_DecCoordOnUnitSphere function of file src/bifs/unquantize.c. | 5.5 |
Medium |
||
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2. | 7.1 |
High |
||
| Out-of-bounds Read in GitHub repository gpac/gpac prior to v2.2.2-DEV. | 7.1 |
High |
||
| GPAC through 2.2.1 has a use-after-free vulnerability in the function gf_bifs_flush_command_list in bifs/memory_decoder.c. | 5.5 |
Medium |
||
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. | 5.5 |
Medium |
||
| Buffer Over-read in GitHub repository gpac/gpac prior to 2.3-DEV. | 5.5 |
Medium |
||
| Use After Free in GitHub repository gpac/gpac prior to 2.3-DEV. | 5.5 |
Medium |
||
| Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV. | 5.5 |
Medium |
||
| Out-of-bounds Write in GitHub repository gpac/gpac prior to 2.3-DEV. | 5.5 |
Medium |
||
| Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.3-DEV. | 5.5 |
Medium |
||
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. | 5.5 |
Medium |
||
| Floating Point Comparison with Incorrect Operator in GitHub repository gpac/gpac prior to 2.3-DEV. | 5.5 |
Medium |
||
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3-DEV. | 5.5 |
Medium |
||
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV. | 5.5 |
Medium |
||
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3-DEV. | 5.5 |
Medium |
||
| Divide By Zero in GitHub repository gpac/gpac prior to 2.3-DEV. | 5.5 |
Medium |
||
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2. | 7.1 |
High |
||
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2. | 3.3 |
Low |
||
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.2.2. | 7.8 |
High |
||
| Unchecked Return Value in GitHub repository gpac/gpac prior to 2.2.2. | 7.1 |
High |
||
| Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2. | 5.5 |
Medium |
||
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2. | 9.1 |
Critical |
||
| Divide By Zero in GitHub repository gpac/gpac prior to 2.2.2. | 7.5 |
High |
||
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.2.2. | 9.8 |
Critical |
||
| Denial of Service in GitHub repository gpac/gpac prior to 2.4.0. | 7.8 |
High |
||
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.4.0. | 7.8 |
High |
||
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3.0-DEV. | 7.8 |
High |
||
| Buffer Over-read in GitHub repository gpac/gpac prior to v2.3.0-DEV. | 7.8 |
High |
||
| Off-by-one Error in GitHub repository gpac/gpac prior to v2.3.0-DEV. | 5.5 |
Medium |
||
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to v2.3.0-DEV. | 7.8 |
High |
||
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to V2.1.0-DEV. | 7.8 |
High |
||
| Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2. | 7.8 |
High |
||
| Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV. | 7.8 |
High |
||
| GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the gf_isom_box_parse_ex function at box_funcs.c. | 5.5 |
Medium |
||
| GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the afrt_box_read function at box_code_adobe.c. | 5.5 |
Medium |
||
| GPAC MP4Box v2.1-DEV-rev574-g9d5bb184b contains a segmentation violation via the function gf_sm_load_init_swf at scene_manager/swf_parse.c | 5.5 |
Medium |
||
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b has a Buffer overflow in gf_vvc_read_pps_bs_internal function of media_tools/av_parsers.c | 7.8 |
High |
||
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow. | 7.8 |
High |
||
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow via gf_vvc_read_sps_bs_internal function of media_tools/av_parsers.c | 7.8 |
High |
||
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow in gf_text_process_sub function of filters/load_text.c | 7.8 |
High |
||
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is contains an Integer overflow vulnerability in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8316 | 7.1 |
High |
||
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to heap use-after-free via filters/dmx_m2ts.c:470 in m2tsdmx_declare_pid | 7.8 |
High |
||
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Null pointer dereference via filters/dmx_m2ts.c:343 in m2tsdmx_declare_pid | 7.8 |
High |
||
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer overflow in hevc_parse_vps_extension function of media_tools/av_parsers.c | 7.8 |
High |
||
| GPAC MP4box 2.1-DEV-rev593-g007bf61a0 is vulnerable to Buffer Overflow in eac3_update_channels function of media_tools/av_parsers.c:9113 | 7.8 |
High |
||
| GPAC MP4box 2.1-DEV-rev593-g007bf61a0 is vulnerable to Buffer Overflow in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8261 | 7.8 |
High |
||
| GPAC MP4box 2.1-DEV-rev617-g85ce76efd is vulnerable to Buffer Overflow in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8273 | 7.8 |
High |
||
| GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to buffer overflow in function hevc_parse_vps_extension of media_tools/av_parsers.c:7662 | 7.8 |
High |
||
| GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to buffer overflow in function gf_hevc_read_vps_bs_internal of media_tools/av_parsers.c:8039 | 7.8 |
High |
||
| GPAC MP4box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to Buffer Overflow in gf_bs_read_data | 7.8 |
High |
||
| GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is has an integer overflow in isomedia/isom_write.c | 7.8 |
High |
||
| GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 is vulnerable to Buffer Overflow via media_tools/av_parsers.c:4988 in gf_media_nalu_add_emulation_bytes | 7.8 |
High |
||
| GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 has a segment fault (/stack overflow) due to infinite recursion in Media_GetSample isomedia/media.c:662 | 5.5 |
Medium |
||
| GPAC MP4box 2.1-DEV-rev649-ga8f438d20 is vulnerable to buffer overflow in h263dmx_process filters/reframe_h263.c:609 | 7.8 |
High |
||
| GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a stack overflow via the function dimC_box_read at isomedia/box_code_3gpp.c. | 7.8 |
High |
||
| GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a memory leak via the function dimC_box_read at isomedia/box_code_3gpp.c. | 5.5 |
Medium |
||
| GPAC v2.1-DEV-rev478-g696e6f868-master was discovered to contain a heap use-after-free via the Q_IsTypeOn function at /gpac/src/bifs/unquantize.c. | 7.8 |
High |
||
| A vulnerability classified as problematic was found in GPAC. Affected by this vulnerability is the function svg_parse_preserveaspectratio of the file scenegraph/svg_attributes.c of the component SVG Parser. The manipulation leads to memory leak. The attack can be launched remotely. The name of the patch is 2191e66aa7df750e8ef01781b1930bea87b713bb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213463. | 6.5 |
Medium |
||
| GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain a memory leak via the component gf_list_new at utils/list.c. | 5.5 |
Medium |
||
| GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain a memory leak via the component gf_odf_new_iod at odf/odf_code.c. | 5.5 |
Medium |
||
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_isom_meta_restore_items_ref at /isomedia/meta.c. | 5.5 |
Medium |
||
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a heap buffer overflow via the function gf_isom_box_dump_start_ex at /isomedia/box_funcs.c. | 7.8 |
High |
||
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a heap buffer overflow via the function FixSDTPInTRAF at isomedia/isom_intern.c. | 7.8 |
High |
||
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function BD_CheckSFTimeOffset at /bifs/field_decode.c. | 5.5 |
Medium |
||
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_isom_get_meta_item_info at /isomedia/meta.c. | 5.5 |
Medium |
||
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_dump_vrml_sffield at /scene_manager/scene_dump.c. | 5.5 |
Medium |
||
| Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV. | 5.5 |
Medium |
||
| Buffer Over-read in GitHub repository gpac/gpac prior to 2.1.0-DEV. | 7.8 |
High |
||
| GPAC v2.1-DEV-rev232-gfcaa01ebb-master was discovered to contain a stack overflow when processing ISOM_IOD. | 7.8 |
High |
||
| GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerability in function gf_isom_dovi_config_get. This vulnerability was fixed in commit fef6242. | 9.8 |
Critical |
||
| A heap-buffer-overflow had occurred in function gf_isom_dovi_config_get of isomedia/avc_ext.c:2490, as demonstrated by MP4Box. This vulnerability was fixed in commit fef6242. | 5.5 |
Medium |
||
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to v2.1.0-DEV. | 5.5 |
Medium |
||
| Use After Free in GitHub repository gpac/gpac prior to 2.1-DEV. | 7.8 |
High |
||
| Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.1-DEV. | 7.8 |
High |
||
| The schm_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command. | 5.5 |
Medium |
||
| The gf_bs_write_data function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command. | 5.5 |
Medium |
||
| The gf_hinter_track_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command. | 5.5 |
Medium |
||
| The GetHintFormat function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command. | 5.5 |
Medium |
||
| In GPAC MP4Box v1.1.0, there is a heap-buffer-overflow in the function filter_parse_dyn_args function in filter_core/filter.c:1454, as demonstrated by GPAC. This can cause a denial of service (DOS). | 5.5 |
Medium |
||
| Use After Free in GitHub repository gpac/gpac prior to v2.1.0-DEV. | 9.8 |
Critical |
||
| GPAC 2.1-DEV-rev87-g053aae8-master. has a Null Pointer Dereference vulnerability in gf_isom_parse_movie_boxes_internal due to improper return value handling of GF_SKIP_BOX, which causes a Denial of Service. This vulnerability was fixed in commit 37592ad. | 7.5 |
High |
||
| In GPAC 2.1-DEV-rev87-g053aae8-master, function BS_ReadByte() in utils/bitstream.c has a failed assertion, which causes a Denial of Service. This vulnerability was fixed in commit 9ea93a2. | 7.5 |
High |
||
| GPAC mp4box 1.1.0-DEV-rev1663-g881c6a94a-master is vulnerable to Integer Overflow. | 5.5 |
Medium |
||
| GPAC mp4box 1.1.0-DEV-rev1759-geb2d1e6dd-has a heap-buffer-overflow vulnerability in function gf_isom_apple_enum_tag. | 5.5 |
Medium |
||
| GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a stack-overflow vulnerability in function gf_isom_get_sample_for_movie_time of mp4box. | 5.5 |
Medium |
||
| GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a use-after-free vulnerability in function gf_node_get_attribute_by_tag. | 5.5 |
Medium |
||
| Inf loop in GitHub repository gpac/gpac prior to 2.1.0-DEV. | 5.5 |
Medium |
||
| Null Pointer Dereference Caused Segmentation Fault in GitHub repository gpac/gpac prior to 2.1.0-DEV. | 5 |
Medium |
||
| Segmentation Fault caused by MP4Box -lsr in GitHub repository gpac/gpac prior to 2.1.0-DEV. | 5.5 |
Medium |
||
| A Null Pointer Dereference vulnerability exists in GPAC 1.1.0 via the xtra_box_write function in /box_code_base.c, which causes a Denial of Service. This vulnerability was fixed in commit 71f9871. | 5.5 |
Medium |
||
| GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_sg_vrml_mf_reset(). This vulnerability allows attackers to cause a Denial of Service (DoS). | 5.5 |
Medium |
||
| GPAC v1.1.0 was discovered to contain an invalid call in the function gf_node_changed(). This vulnerability can lead to a Denial of Service (DoS). | 5.5 |
Medium |
||
| GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function shift_chunk_offsets.isra(). | 5.5 |
Medium |
||
| GPAC 1.1.0 was discovered to contain an invalid memory address dereference via the function lsr_read_id(). This vulnerability can lead to a Denial of Service (DoS). | 5.5 |
Medium |
||
| GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_list_last(). This vulnerability allows attackers to cause a Denial of Service (DoS). | 5.5 |
Medium |
||
| A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_sg_vrml_mf_append function, which causes a segmentation fault and application crash. | 5.5 |
Medium |
||
| A null pointer dereference vulnerability exists in gpac 1.1.0-DEV in the gf_node_get_tag function, which causes a segmentation fault and application crash. | 5.5 |
Medium |
||
| A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_svg_get_attribute_name function, which causes a segmentation fault and application crash. | 5.5 |
Medium |
||
| An infinite loop vulnerability exists in gpac 1.1.0 in the gf_log function, which causes a Denial of Service. | 5.5 |
Medium |
||
| A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_dump_vrml_dyn_field.isra function, which causes a segmentation fault and application crash. | 5.5 |
Medium |
||
| A null pointer dereference vulnerability exists in gpac 1.1.0 in the BD_CheckSFTimeOffset function, which causes a segmentation fault and application crash. | 5.5 |
Medium |
||
| A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_isom_parse_movie_boxes_internal function, which causes a segmentation fault and application crash. | 5.5 |
Medium |
||
| An invalid memory address dereference vulnerability exists in gpac 1.1.0 in the dump_od_to_saf.isra function, which causes a segmentation fault and application crash. | 5.5 |
Medium |
||
| A Null Pointer Dereference vulnerability exists in the gf_sg_vrml_mf_alloc function in gpac 1.1.0-DEV, which causes a segmentation fault and application crash. | 5.5 |
Medium |
||
| A Null Pointer Dereference vulnerability exists in gpac 1.1.0 in the gf_node_get_field function, which can cause a segmentation fault and application crash. | 5.5 |
Medium |
||
| An infinite loop vulnerability exists in Gpac 1.0.1 in gf_get_bit_size. | 5.5 |
Medium |
2025©
tesweb SA
