Shodan
Vulnerabilities
Vulnerable Software
Gpac:  >> Gpac  >> 0.7.0  Security Vulnerabilities
CVE-2019-20631
An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid pointer dereference in gf_list_count in utils/list.c that can cause a denial of service via a crafted MP4 file.
CVSS Score
5.5
EPSS Score
0.003
Published
2020-03-24
CVE-2019-20632
An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid pointer dereference in gf_odf_delete_descriptor in odf/desc_private.c that can cause a denial of service via a crafted MP4 file.
CVSS Score
5.5
EPSS Score
0.003
Published
2020-03-24
CVE-2019-20628
An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains a Use-After-Free vulnerability in gf_m2ts_process_pmt in media_tools/mpegts.c that can cause a denial of service via a crafted MP4 file.
CVSS Score
5.5
EPSS Score
0.004
Published
2020-03-24
CVE-2019-20208
dimC_Read in isomedia/box_code_3gpp.c in GPAC from 0.5.2 to 0.8.0 has a stack-based buffer overflow.
CVSS Score
5.5
EPSS Score
0.005
Published
2020-01-02
CVE-2019-20171
An issue was discovered in GPAC version 0.5.2 and 0.9.0-development-20191109. There are memory leaks in metx_New in isomedia/box_code_base.c and abst_Read in isomedia/box_code_adobe.c.
CVSS Score
5.5
EPSS Score
0.005
Published
2019-12-31
CVE-2019-13618
In GPAC before 0.8.0, isomedia/isom_read.c in libgpac.a has a heap-based buffer over-read, as demonstrated by a crash in gf_m2ts_sync in media_tools/mpegts.c.
CVSS Score
7.5
EPSS Score
0.004
Published
2019-07-16
CVE-2019-12481
An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function GetESD at isomedia/track.c in libgpac.a, as demonstrated by MP4Box.
CVSS Score
5.5
EPSS Score
0.003
Published
2019-05-30
CVE-2019-12482
An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function gf_isom_get_original_format_type at isomedia/drm_sample.c in libgpac.a, as demonstrated by MP4Box.
CVSS Score
7.5
EPSS Score
0.006
Published
2019-05-30
CVE-2019-12483
An issue was discovered in GPAC 0.7.1. There is a heap-based buffer overflow in the function ReadGF_IPMPX_RemoveToolNotificationListener in odf/ipmpx_code.c in libgpac.a, as demonstrated by MP4Box.
CVSS Score
7.8
EPSS Score
0.003
Published
2019-05-30
CVE-2018-20760
In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because a certain -1 return value is mishandled.
CVSS Score
7.8
EPSS Score
0.002
Published
2019-02-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved