GPAC 1.0.1 is affected by a heap-based buffer overflow in SFS_AddString () at bifs/script_dec.c.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-03-14
GPAC 1.0.1 is affected by a NULL pointer dereference in gf_utf8_wcslen. (gf_utf8_wcslen is a renamed Unicode utf8_wcslen function.)
CVSS Score
7.8
EPSS Score
0.001
Published
2022-03-14
GPAC 1.0.1 is affected by a NULL pointer dereference in gf_dump_vrml_field.isra ().
CVSS Score
5.5
EPSS Score
0.001
Published
2022-03-14
GPAC 1.0.1 is affected by a stack-based buffer overflow through MP4Box.
CVSS Score
7.8
EPSS Score
0.003
Published
2022-03-14
GPAC 1.0.1 is affected by Use After Free through MP4Box.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-03-14
NULL Pointer Dereference in GitHub repository gpac/gpac prior to 1.1.0.
CVSS Score
5.8
EPSS Score
0.011
Published
2022-02-04
A Null Pointer Dereference vulnerability exists in GPAC 1.1.0 via the xtra_box_write function in /box_code_base.c, which causes a Denial of Service. This vulnerability was fixed in commit 71f9871.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-02-04
The binary MP4Box in Gpac 1.0.1 has a double-free bug in the av1dmx_finalize function in reframe_av1.c, which allows attackers to cause a denial of service.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-13
The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the gf_list_del function in list.c, which allows attackers to cause a denial of service.
CVSS Score
5.5
EPSS Score
0.003
Published
2022-01-13
The binary MP4Box in Gpac from 0.9.0-preview to 1.0.1 has a double-free vulnerability in the gf_text_get_utf8_line function in load_text.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges.
CVSS Score
7.8
EPSS Score
0.006
Published
2022-01-13