Shodan
Vulnerabilities
Vulnerable Software
Gpac:  >> Gpac  >> 0.9.0  Security Vulnerabilities
CVE-2021-32270
An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function vwid_box_del located in box_code_base.c. It allows an attacker to cause Denial of Service.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-20
CVE-2021-32271
An issue was discovered in gpac through 20200801. A stack-buffer-overflow exists in the function DumpRawUIConfig located in odf_dump.c. It allows an attacker to cause code Execution.
CVSS Score
7.8
EPSS Score
0.004
Published
2021-09-20
CVE-2021-32268
Buffer overflow vulnerability in function gf_fprintf in os_file.c in gpac before 1.0.1 allows attackers to execute arbitrary code. The fixed version is 1.0.1.
CVSS Score
7.8
EPSS Score
0.007
Published
2021-09-20
CVE-2020-23928
An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read.
CVSS Score
7.1
EPSS Score
0.003
Published
2021-04-21
CVE-2020-23930
An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function nhmldump_send_header located in write_nhml.c. It allows an attacker to cause Denial of Service.
CVSS Score
5.5
EPSS Score
0.002
Published
2021-04-21
CVE-2020-23931
An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read.
CVSS Score
7.1
EPSS Score
0.003
Published
2021-04-21
CVE-2020-23932
An issue was discovered in gpac before 1.0.1. A NULL pointer dereference exists in the function dump_isom_sdp located in filedump.c. It allows an attacker to cause Denial of Service.
CVSS Score
5.5
EPSS Score
0.002
Published
2021-04-21
CVE-2021-30014
There is a integer overflow in media_tools/av_parsers.c in the hevc_parse_slice_segment function in GPAC from v0.9.0-preview to 1.0.1 which results in a crash.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-04-19
CVE-2021-30022
There is a integer overflow in media_tools/av_parsers.c in the gf_avc_read_pps_bs_internal in GPAC from 0.5.2 to 1.0.1. pps_id may be a negative number, so it will not return. However, avc->pps only has 255 unit, so there is an overflow, which results a crash.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-04-19
CVE-2019-20168
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a use-after-free in the function gf_isom_box_dump_ex() in isomedia/box_funcs.c.
CVSS Score
5.5
EPSS Score
0.003
Published
2019-12-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved