Vulnerabilities > Gpac

DATE CVE VULNERABILITY TITLE RISK
2024-02-05 CVE-2024-24265 Memory Leak vulnerability in Gpac 2.2.1
gpac v2.2.1 was discovered to contain a memory leak via the dst_props variable in the gf_filter_pid_merge_properties_internal function.
network
low complexity
gpac CWE-401
7.5
2024-02-05 CVE-2024-24266 Use After Free vulnerability in Gpac 2.2.1
gpac v2.2.1 was discovered to contain a Use-After-Free (UAF) vulnerability via the dasher_configure_pid function at /src/filters/dasher.c.
network
low complexity
gpac CWE-416
7.5
2024-02-05 CVE-2024-24267 Memory Leak vulnerability in Gpac 2.2.1
gpac v2.2.1 was discovered to contain a memory leak via the gfio_blob variable in the gf_fileio_from_blob function.
network
low complexity
gpac CWE-401
7.5
2024-01-25 CVE-2024-22749 Classic Buffer Overflow vulnerability in Gpac 2.3
GPAC v2.3 was detected to contain a buffer overflow via the function gf_isom_new_generic_sample_description function in the isomedia/isom_write.c:4577
local
low complexity
gpac CWE-120
7.8
2024-01-10 CVE-2023-50120 Infinite Loop vulnerability in Gpac 2.3
MP4Box GPAC version 2.3-DEV-rev636-gfbd7e13aa-master was discovered to contain an infinite loop in the function av1_uvlc at media_tools/av_parsers.c.
local
low complexity
gpac CWE-835
5.5
2024-01-08 CVE-2024-0321 Out-of-bounds Write vulnerability in Gpac
Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.
network
low complexity
gpac CWE-787
critical
9.8
2024-01-08 CVE-2024-0322 Out-of-bounds Read vulnerability in Gpac
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.
network
low complexity
gpac CWE-125
critical
9.1
2024-01-03 CVE-2023-46929 Unspecified vulnerability in Gpac 2.3Devrev605Gfc9E29089Master
An issue discovered in GPAC 2.3-DEV-rev605-gfc9e29089-master in MP4Box in gf_avc_change_vui /afltest/gpac/src/media_tools/av_parsers.c:6872:55 allows attackers to crash the application.
network
low complexity
gpac
7.5
2023-12-09 CVE-2023-46932 Out-of-bounds Write vulnerability in Gpac 2.3Devrev617G671976Fccmaster
Heap Buffer Overflow vulnerability in GPAC version 2.3-DEV-rev617-g671976fcc-master, allows attackers to execute arbitrary code and cause a denial of service (DoS) via str2ulong class in src/media_tools/avilib.c in gpac/MP4Box.
network
low complexity
gpac CWE-787
critical
9.8
2023-12-09 CVE-2023-47465 Unspecified vulnerability in Gpac 2.2.1
An issue in GPAC v.2.2.1 and before allows a local attacker to cause a denial of service (DoS) via the ctts_box_read function of file src/isomedia/box_code_base.c.
local
low complexity
gpac
5.5