Vulnerabilities > Gpac Project

DATE CVE VULNERABILITY TITLE RISK
2019-02-06 CVE-2018-20763 Out-of-bounds Write vulnerability in multiple products
In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because of missing szLineConv bounds checking.
local
low complexity
gpac-project debian canonical CWE-787
7.8
2019-02-06 CVE-2018-20762 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
GPAC version 0.7.1 and earlier has a buffer overflow vulnerability in the cat_multiple_files function in applications/mp4box/fileimport.c when MP4Box is used for a local directory containing crafted filenames.
local
low complexity
gpac-project debian canonical CWE-119
7.8
2019-02-06 CVE-2018-20761 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
GPAC version 0.7.1 and earlier has a Buffer Overflow vulnerability in the gf_sm_load_init function in scene_manager.c in libgpac_static.a.
local
low complexity
gpac-project debian canonical CWE-119
7.8
2018-03-06 CVE-2018-1000100 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
GPAC MP4Box version 0.7.1 and earlier contains a Buffer Overflow vulnerability in src/isomedia/avc_ext.c lines 2417 to 2420 that can result in Heap chunks being modified, this could lead to RCE.
local
low complexity
gpac-project canonical CWE-119
7.8