Vulnerabilities > Gpac

DATE CVE VULNERABILITY TITLE RISK
2021-04-21 CVE-2020-35982 NULL Pointer Dereference vulnerability in Gpac 0.8.0/1.0.1
An issue was discovered in GPAC version 0.8.0 and 1.0.1.
local
low complexity
gpac CWE-476
7.8
7.8
2021-04-21 CVE-2020-35981 NULL Pointer Dereference vulnerability in Gpac 0.8.0/1.0.1
An issue was discovered in GPAC version 0.8.0 and 1.0.1.
local
low complexity
gpac CWE-476
7.8
7.8
2021-04-21 CVE-2020-35980 Use After Free vulnerability in Gpac 0.8.0/1.0.1
An issue was discovered in GPAC version 0.8.0 and 1.0.1.
local
low complexity
gpac CWE-416
7.8
7.8
2021-04-21 CVE-2020-35979 Out-of-bounds Write vulnerability in Gpac 0.8.0/1.0.1
An issue was discovered in GPAC version 0.8.0 and 1.0.1.
local
low complexity
gpac CWE-787
7.8
7.8
2021-04-19 CVE-2021-30199 NULL Pointer Dereference vulnerability in Gpac 1.0.1
In filters/reframe_latm.c in GPAC 1.0.1 there is a Null Pointer Dereference, when gf_filter_pck_get_data is called.
local
low complexity
gpac CWE-476
5.5
5.5
2021-04-19 CVE-2021-30022 Integer Overflow or Wraparound vulnerability in Gpac 1.0.1
There is a integer overflow in media_tools/av_parsers.c in the gf_avc_read_pps_bs_internal in GPAC 1.0.1.
local
low complexity
gpac CWE-190
5.5
5.5
2021-04-19 CVE-2021-30020 Out-of-bounds Write vulnerability in Gpac 1.0.1
In the function gf_hevc_read_pps_bs_internal function in media_tools/av_parsers.c in GPAC 1.0.1 there is a loop, which with crafted file, pps->num_tile_columns may be larger than sizeof(pps->column_width), which results in a heap overflow in the loop.
local
low complexity
gpac CWE-787
5.5
5.5
2021-04-19 CVE-2021-30019 Out-of-bounds Write vulnerability in Gpac 1.0.1
In the adts_dmx_process function in filters/reframe_adts.c in GPAC 1.0.1, a crafted file may cause ctx->hdr.frame_size to be smaller than ctx->hdr.hdr_size, resulting in size to be a negative number and a heap overflow in the memcpy.
local
low complexity
gpac CWE-787
5.5
5.5
2021-04-19 CVE-2021-30015 NULL Pointer Dereference vulnerability in Gpac 1.0.1
There is a Null Pointer Dereference in function filter_core/filter_pck.c:gf_filter_pck_new_alloc_internal in GPAC 1.0.1.
local
low complexity
gpac CWE-476
5.5
5.5
2021-04-19 CVE-2021-30014 Integer Overflow or Wraparound vulnerability in Gpac 1.0.1
There is a integer overflow in media_tools/av_parsers.c in the hevc_parse_slice_segment function in GPAC 1.0.1 which results in a crash.
local
low complexity
gpac CWE-190
5.5
5.5