Vulnerabilities > Gpac > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-13 | CVE-2021-40574 | Double Free vulnerability in Gpac 1.0.1 The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the gf_text_get_utf8_line function in load_text.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges. | 7.8 |
| 2022-01-13 | CVE-2021-40568 | Classic Buffer Overflow vulnerability in Gpac A buffer overflow vulnerability exists in Gpac through 1.0.1 via a malformed MP4 file in the svc_parse_slice function in av_parsers.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges. | 7.8 |
| 2022-01-13 | CVE-2021-40570 | Double Free vulnerability in Gpac 1.0.1 The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the avc_compute_poc function in av_parsers.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges. | 7.8 |
| 2022-01-13 | CVE-2021-40571 | Double Free vulnerability in Gpac 1.0.1 The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the ilst_box_read function in box_code_apple.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges. | 7.8 |
| 2022-01-12 | CVE-2021-36417 | Out-of-bounds Write vulnerability in Gpac 1.0.1 A heap-based buffer overflow vulnerability exists in GPAC v1.0.1 in the gf_isom_dovi_config_get function in MP4Box, which causes a denial of service or execute arbitrary code via a crafted file. | 7.8 |
| 2022-01-10 | CVE-2021-36412 | Out-of-bounds Write vulnerability in Gpac 1.0.1 A heap-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via the gp_rtp_builder_do_mpeg12_video function, which allows attackers to possibly have unspecified other impact via a crafted file in the MP4Box command, | 7.8 |
| 2022-01-10 | CVE-2021-36414 | Out-of-bounds Write vulnerability in Gpac 1.0.1 A heab-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via media.c, which allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | 7.8 |
| 2021-10-01 | CVE-2021-41456 | Out-of-bounds Write vulnerability in Gpac Mp4Box 1.0.1 There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1004 in the nhmldmx_send_sample() function szXmlTo parameter which leads to a denial of service vulnerability. | 7.5 |
| 2021-10-01 | CVE-2021-41457 | Out-of-bounds Write vulnerability in Gpac Mp4Box 1.1.0 There is a stack buffer overflow in MP4Box 1.1.0 at src/filters/dmx_nhml.c in nhmldmx_init_parsing which leads to a denial of service vulnerability. | 7.5 |
| 2021-10-01 | CVE-2021-41459 | Out-of-bounds Write vulnerability in Gpac Mp4Box 1.0.1 There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1008 in the nhmldmx_send_sample() function szXmlFrom parameter which leads to a denial of service vulnerability. | 7.5 |