Shodan
Vulnerabilities
Vulnerable Software
Gpac:  Security Vulnerabilities
CVE-2021-40569
The binary MP4Box in Gpac through 1.0.1 has a double-free vulnerability in the iloc_entry_del funciton in box_code_meta.c, which allows attackers to cause a denial of service.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-13
CVE-2021-40570
The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the avc_compute_poc function in av_parsers.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges.
CVSS Score
7.8
EPSS Score
0.002
Published
2022-01-13
CVE-2021-40571
The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the ilst_box_read function in box_code_apple.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-01-13
CVE-2021-40567
Segmentation fault vulnerability exists in Gpac through 1.0.1 via the gf_odf_size_descriptor function in desc_private.c when using mp4box, which causes a denial of service.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-13
CVE-2021-40568
A buffer overflow vulnerability exists in Gpac through 1.0.1 via a malformed MP4 file in the svc_parse_slice function in av_parsers.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges.
CVSS Score
7.8
EPSS Score
0.002
Published
2022-01-13
CVE-2021-40562
A Segmentation fault caused by a floating point exception exists in Gpac through 1.0.1 using mp4box via the naludmx_enqueue_or_dispatch function in reframe_nalu.c, which causes a denial of service.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-12
CVE-2021-40563
A Segmentation fault exists casued by null pointer dereference exists in Gpac through 1.0.1 via the naludmx_create_avc_decoder_config function in reframe_nalu.c when using mp4box, which causes a denial of service.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-12
CVE-2021-40564
A Segmentation fault caused by null pointer dereference vulnerability eists in Gpac through 1.0.2 via the avc_parse_slice function in av_parsers.c when using mp4box, which causes a denial of service.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-12
CVE-2021-40565
A Segmentation fault caused by a null pointer dereference vulnerability exists in Gpac through 1.0.1 via the gf_avc_parse_nalu function in av_parsers.c when using mp4box, which causes a denial of service.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-12
CVE-2021-40566
A Segmentation fault casued by heap use after free vulnerability exists in Gpac through 1.0.1 via the mpgviddmx_process function in reframe_mpgvid.c when using mp4box, which causes a denial of service.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved