CPE Details
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:gpac:gpac:1.1.0:dev:*:*:*:*:*:*
Informations
Vendor
gpacProduct
gpacVersion
1.1.0Update
devRelated CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| A vulnerability was found in GPAC up to 2.4. It has been rated as problematic. Affected by this issue is the function gf_dash_download_init_segment of the file src/media_tools/dash_client.c. The manipulation of the argument base_init_url leads to null pointer dereference. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 153ea314b6b053db17164f8bc3c7e1e460938eaa. It is recommended to apply a patch to fix this issue. | 6.9 |
Medium |
||
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. | 9.1 |
Critical |
||
| Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV. | 9.8 |
Critical |
||
| An issue in GPAC v.2.2.1 and before allows a local attacker to cause a denial of service (DoS) via the ctts_box_read function of file src/isomedia/box_code_base.c. | 5.5 |
Medium |
||
| GPAC version 2.3-DEV-rev602-ged8424300-master in MP4Box contains a memory leak in NewSFDouble scenegraph/vrml_tools.c:300. This vulnerability may lead to a denial of service. | 5.3 |
Medium |
||
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3.0-DEV. | 7.5 |
High |
||
| Denial of Service in GitHub repository gpac/gpac prior to 2.3.0-DEV. | 5.5 |
Medium |
||
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3.0-DEV. | 7.8 |
High |
||
| An issue in GPAC GPAC v.2.2.1 and before allows a local attacker to cause a denial of service via the Q_DecCoordOnUnitSphere function of file src/bifs/unquantize.c. | 5.5 |
Medium |
||
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2. | 7.7 |
High |
||
| Out-of-bounds Read in GitHub repository gpac/gpac prior to v2.2.2-DEV. | 7.1 |
High |
||
| GPAC through 2.2.1 has a use-after-free vulnerability in the function gf_bifs_flush_command_list in bifs/memory_decoder.c. | 5.5 |
Medium |
||
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. | 5.5 |
Medium |
||
| Buffer Over-read in GitHub repository gpac/gpac prior to 2.3-DEV. | 5.5 |
Medium |
||
| Use After Free in GitHub repository gpac/gpac prior to 2.3-DEV. | 5.5 |
Medium |
||
| Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV. | 5.5 |
Medium |
||
| Out-of-bounds Write in GitHub repository gpac/gpac prior to 2.3-DEV. | 5.5 |
Medium |
||
| Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.3-DEV. | 5.5 |
Medium |
||
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. | 5.5 |
Medium |
||
| Floating Point Comparison with Incorrect Operator in GitHub repository gpac/gpac prior to 2.3-DEV. | 5.5 |
Medium |
||
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3-DEV. | 5.5 |
Medium |
||
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV. | 5.5 |
Medium |
||
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3-DEV. | 5.5 |
Medium |
||
| Divide By Zero in GitHub repository gpac/gpac prior to 2.3-DEV. | 5.5 |
Medium |
||
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2. | 7.1 |
High |
||
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2. | 3.3 |
Low |
||
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.2.2. | 7.8 |
High |
||
| Unchecked Return Value in GitHub repository gpac/gpac prior to 2.2.2. | 7.1 |
High |
||
| Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2. | 5.5 |
Medium |
||
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2. | 9.1 |
Critical |
||
| Divide By Zero in GitHub repository gpac/gpac prior to 2.2.2. | 7.5 |
High |
||
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.2.2. | 9.8 |
Critical |
||
| Denial of Service in GitHub repository gpac/gpac prior to 2.4.0. | 7.8 |
High |
||
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.4.0. | 7.8 |
High |
||
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3.0-DEV. | 7.8 |
High |
||
| Buffer Over-read in GitHub repository gpac/gpac prior to v2.3.0-DEV. | 7.8 |
High |
||
| Off-by-one Error in GitHub repository gpac/gpac prior to v2.3.0-DEV. | 5.5 |
Medium |
||
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to v2.3.0-DEV. | 7.8 |
High |
||
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to V2.1.0-DEV. | 7.8 |
High |
||
| Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2. | 7.8 |
High |
||
| Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV. | 7.8 |
High |
||
| GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the gf_isom_box_parse_ex function at box_funcs.c. | 5.5 |
Medium |
||
| GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the afrt_box_read function at box_code_adobe.c. | 5.5 |
Medium |
||
| GPAC MP4Box v2.1-DEV-rev574-g9d5bb184b contains a segmentation violation via the function gf_sm_load_init_swf at scene_manager/swf_parse.c | 5.5 |
Medium |
||
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b has a Buffer overflow in gf_vvc_read_pps_bs_internal function of media_tools/av_parsers.c | 7.8 |
High |
||
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow. | 7.8 |
High |
||
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow via gf_vvc_read_sps_bs_internal function of media_tools/av_parsers.c | 7.8 |
High |
||
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow in gf_text_process_sub function of filters/load_text.c | 7.8 |
High |
||
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is contains an Integer overflow vulnerability in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8316 | 7.1 |
High |
||
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to heap use-after-free via filters/dmx_m2ts.c:470 in m2tsdmx_declare_pid | 7.8 |
High |
||
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Null pointer dereference via filters/dmx_m2ts.c:343 in m2tsdmx_declare_pid | 7.8 |
High |
||
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer overflow in hevc_parse_vps_extension function of media_tools/av_parsers.c | 7.8 |
High |
||
| GPAC MP4box 2.1-DEV-rev593-g007bf61a0 is vulnerable to Buffer Overflow in eac3_update_channels function of media_tools/av_parsers.c:9113 | 7.8 |
High |
||
| GPAC MP4box 2.1-DEV-rev593-g007bf61a0 is vulnerable to Buffer Overflow in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8261 | 7.8 |
High |
||
| GPAC MP4box 2.1-DEV-rev617-g85ce76efd is vulnerable to Buffer Overflow in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8273 | 7.8 |
High |
||
| GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to buffer overflow in function hevc_parse_vps_extension of media_tools/av_parsers.c:7662 | 7.8 |
High |
||
| GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to buffer overflow in function gf_hevc_read_vps_bs_internal of media_tools/av_parsers.c:8039 | 7.8 |
High |
||
| GPAC MP4box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to Buffer Overflow in gf_bs_read_data | 7.8 |
High |
||
| GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is has an integer overflow in isomedia/isom_write.c | 7.8 |
High |
||
| GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 is vulnerable to Buffer Overflow via media_tools/av_parsers.c:4988 in gf_media_nalu_add_emulation_bytes | 7.8 |
High |
||
| GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 has a segment fault (/stack overflow) due to infinite recursion in Media_GetSample isomedia/media.c:662 | 5.5 |
Medium |
||
| GPAC MP4box 2.1-DEV-rev649-ga8f438d20 is vulnerable to buffer overflow in h263dmx_process filters/reframe_h263.c:609 | 7.8 |
High |
||
| GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a stack overflow via the function dimC_box_read at isomedia/box_code_3gpp.c. | 7.8 |
High |
||
| GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a memory leak via the function dimC_box_read at isomedia/box_code_3gpp.c. | 5.5 |
Medium |
||
| GPAC v2.1-DEV-rev478-g696e6f868-master was discovered to contain a heap use-after-free via the Q_IsTypeOn function at /gpac/src/bifs/unquantize.c. | 7.8 |
High |
||
| A vulnerability classified as problematic was found in GPAC. Affected by this vulnerability is the function svg_parse_preserveaspectratio of the file scenegraph/svg_attributes.c of the component SVG Parser. The manipulation leads to memory leak. The attack can be launched remotely. The name of the patch is 2191e66aa7df750e8ef01781b1930bea87b713bb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213463. | 6.5 |
Medium |
||
| GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain a memory leak via the component gf_list_new at utils/list.c. | 5.5 |
Medium |
||
| GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain a memory leak via the component gf_odf_new_iod at odf/odf_code.c. | 5.5 |
Medium |
||
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_isom_meta_restore_items_ref at /isomedia/meta.c. | 5.5 |
Medium |
||
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a heap buffer overflow via the function gf_isom_box_dump_start_ex at /isomedia/box_funcs.c. | 7.8 |
High |
||
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a heap buffer overflow via the function FixSDTPInTRAF at isomedia/isom_intern.c. | 7.8 |
High |
||
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function BD_CheckSFTimeOffset at /bifs/field_decode.c. | 5.5 |
Medium |
||
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_isom_get_meta_item_info at /isomedia/meta.c. | 5.5 |
Medium |
||
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_dump_vrml_sffield at /scene_manager/scene_dump.c. | 5.5 |
Medium |
||
| Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV. | 5.5 |
Medium |
||
| Buffer Over-read in GitHub repository gpac/gpac prior to 2.1.0-DEV. | 7.8 |
High |
||
| GPAC v2.1-DEV-rev232-gfcaa01ebb-master was discovered to contain a stack overflow when processing ISOM_IOD. | 7.8 |
High |
||
| GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerability in function gf_isom_dovi_config_get. This vulnerability was fixed in commit fef6242. | 9.8 |
Critical |
||
| A heap-buffer-overflow had occurred in function gf_isom_dovi_config_get of isomedia/avc_ext.c:2490, as demonstrated by MP4Box. This vulnerability was fixed in commit fef6242. | 5.5 |
Medium |
||
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to v2.1.0-DEV. | 5.5 |
Medium |
||
| Use After Free in GitHub repository gpac/gpac prior to 2.1-DEV. | 7.8 |
High |
||
| Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.1-DEV. | 7.8 |
High |
||
| The schm_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command. | 5.5 |
Medium |
||
| The gf_bs_write_data function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command. | 5.5 |
Medium |
||
| The gf_hinter_track_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command. | 5.5 |
Medium |
||
| The GetHintFormat function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command. | 5.5 |
Medium |
||
| In GPAC MP4Box v1.1.0, there is a heap-buffer-overflow in the function filter_parse_dyn_args function in filter_core/filter.c:1454, as demonstrated by GPAC. This can cause a denial of service (DOS). | 5.5 |
Medium |
||
| Use After Free in GitHub repository gpac/gpac prior to v2.1.0-DEV. | 9.8 |
Critical |
||
| GPAC 2.1-DEV-rev87-g053aae8-master. has a Null Pointer Dereference vulnerability in gf_isom_parse_movie_boxes_internal due to improper return value handling of GF_SKIP_BOX, which causes a Denial of Service. This vulnerability was fixed in commit 37592ad. | 7.5 |
High |
||
| In GPAC 2.1-DEV-rev87-g053aae8-master, function BS_ReadByte() in utils/bitstream.c has a failed assertion, which causes a Denial of Service. This vulnerability was fixed in commit 9ea93a2. | 7.5 |
High |
||
| GPAC mp4box 1.1.0-DEV-rev1663-g881c6a94a-master is vulnerable to Integer Overflow. | 5.5 |
Medium |
||
| GPAC mp4box 1.1.0-DEV-rev1759-geb2d1e6dd-has a heap-buffer-overflow vulnerability in function gf_isom_apple_enum_tag. | 5.5 |
Medium |
||
| GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a stack-overflow vulnerability in function gf_isom_get_sample_for_movie_time of mp4box. | 5.5 |
Medium |
||
| GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a use-after-free vulnerability in function gf_node_get_attribute_by_tag. | 5.5 |
Medium |
||
| Inf loop in GitHub repository gpac/gpac prior to 2.1.0-DEV. | 5.5 |
Medium |
||
| Null Pointer Dereference Caused Segmentation Fault in GitHub repository gpac/gpac prior to 2.1.0-DEV. | 5 |
Medium |
||
| Segmentation Fault caused by MP4Box -lsr in GitHub repository gpac/gpac prior to 2.1.0-DEV. | 5.5 |
Medium |
||
| A Null Pointer Dereference vulnerability exists in GPAC 1.1.0 via the xtra_box_write function in /box_code_base.c, which causes a Denial of Service. This vulnerability was fixed in commit 71f9871. | 5.5 |
Medium |
||
| The binary MP4Box in GPAC v1.0.1 was discovered to contain a segmentation fault via the function __memmove_avx_unaligned_erms (). This vulnerability can lead to a Denial of Service (DoS). | 5.5 |
Medium |
||
| A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_sg_destroy_routes () at scenegraph/vrml_route.c. This vulnerability can lead to a Denial of Service (DoS). | 5.5 |
Medium |
||
| A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_dump_vrml_sffield () at scene_manager/scene_dump.c. This vulnerability can lead to a Denial of Service (DoS). | 5.5 |
Medium |
||
| The binary MP4Box in GPAC v1.1.0 was discovered to contain an invalid free vulnerability via the function gf_free () at utils/alloc.c. This vulnerability can lead to a Denial of Service (DoS). | 5.5 |
Medium |
||
| GPAC v1.1.0 was discovered to contain a stack overflow via the function gf_node_get_name () at scenegraph/base_scenegraph.c. This vulnerability can lead to a program crash, causing a Denial of Service (DoS). | 5.5 |
Medium |
||
| An untrusted pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_node_unregister () at scenegraph/base_scenegraph.c. This vulnerability can lead to a Denial of Service (DoS). | 5.5 |
Medium |
||
| A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_sg_vrml_field_pointer_del () at scenegraph/vrml_tools.c. This vulnerability can lead to a Denial of Service (DoS). | 5.5 |
Medium |
||
| A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_node_unregister () at scenegraph/base_scenegraph.c. This vulnerability can lead to a Denial of Service (DoS). | 5.5 |
Medium |
||
| GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_sg_vrml_mf_reset(). This vulnerability allows attackers to cause a Denial of Service (DoS). | 5.5 |
Medium |
||
| GPAC v1.1.0 was discovered to contain an invalid call in the function gf_node_changed(). This vulnerability can lead to a Denial of Service (DoS). | 5.5 |
Medium |
||
| GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function shift_chunk_offsets.isra(). | 5.5 |
Medium |
||
| GPAC 1.1.0 was discovered to contain an invalid memory address dereference via the function lsr_read_id(). This vulnerability can lead to a Denial of Service (DoS). | 5.5 |
Medium |
||
| GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_list_last(). This vulnerability allows attackers to cause a Denial of Service (DoS). | 5.5 |
Medium |
||
| A null pointer dereference vulnerability exists in gpac 1.1.0 via the lsr_read_anim_values_ex function, which causes a segmentation fault and application crash. | 7.5 |
High |
||
| A null pointer dereference vulnerability exists in gpac 1.1.0 in the lsr_read_id.part function, which causes a segmentation fault and application crash. | 5.5 |
Medium |
||
| An Invalid pointer reference vulnerability exists in gpac 1.1.0 via the gf_svg_node_del function, which causes a segmentation fault and application crash. | 5.5 |
Medium |
||
| A stack overflow vulnerability exists in gpac 1.1.0 via the gf_bifs_dec_proto_list function, which causes a segmentation fault and application crash. | 5.5 |
Medium |
||
| An invalid free vulnerability exists in gpac 1.1.0 via the gf_sg_command_del function, which causes a segmentation fault and application crash. | 5.5 |
Medium |
||
| An invalid free vulnerability exists in gpac 1.1.0 via the gf_svg_delete_attribute_value function, which causes a segmentation fault and application crash. | 5.5 |
Medium |
||
| An invalid memory address dereference vulnerability exists in gpac 1.1.0 via the svg_node_start function, which causes a segmentation fault and application crash. | 5.5 |
Medium |
||
| A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_sg_vrml_mf_append function, which causes a segmentation fault and application crash. | 5.5 |
Medium |
||
| A null pointer dereference vulnerability exists in gpac 1.1.0-DEV in the gf_node_get_tag function, which causes a segmentation fault and application crash. | 5.5 |
Medium |
||
| A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_svg_get_attribute_name function, which causes a segmentation fault and application crash. | 5.5 |
Medium |
||
| An infinite loop vulnerability exists in gpac 1.1.0 in the gf_log function, which causes a Denial of Service. | 5.5 |
Medium |
||
| A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_dump_vrml_dyn_field.isra function, which causes a segmentation fault and application crash. | 5.5 |
Medium |
||
| A null pointer dereference vulnerability exists in gpac 1.1.0 in the BD_CheckSFTimeOffset function, which causes a segmentation fault and application crash. | 5.5 |
Medium |
||
| A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_isom_parse_movie_boxes_internal function, which causes a segmentation fault and application crash. | 5.5 |
Medium |
||
| An invalid memory address dereference vulnerability exists in gpac 1.1.0 in the dump_od_to_saf.isra function, which causes a segmentation fault and application crash. | 5.5 |
Medium |
||
| A Null Pointer Dereference vulnerability exists in the gf_sg_vrml_mf_alloc function in gpac 1.1.0-DEV, which causes a segmentation fault and application crash. | 5.5 |
Medium |
||
| A Null Pointer Dereference vulnerability exists in gpac 1.1.0 in the gf_node_get_field function, which can cause a segmentation fault and application crash. | 5.5 |
Medium |
||
| An infinite loop vulnerability exists in Gpac 1.0.1 in gf_get_bit_size. | 5.5 |
Medium |
