Gpac: Security Vulnerabilities
gp_rtp_builder_do_hevc in ietf/rtp_pck_mpeg4.c in GPAC 2.0.0 has a heap-based buffer over-read, as demonstrated by MP4Box.
CVSS Score
5.5
EPSS Score
0.006
Published
2022-04-20
GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a stack-overflow vulnerability in function gf_isom_get_sample_for_movie_time of mp4box.
CVSS Score
5.5
EPSS Score
0.007
Published
2022-04-08
GPAC mp4box 1.1.0-DEV-rev1759-geb2d1e6dd-has a heap-buffer-overflow vulnerability in function gf_isom_apple_enum_tag.
CVSS Score
5.5
EPSS Score
0.008
Published
2022-04-08
GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a use-after-free vulnerability in function gf_node_get_attribute_by_tag.
CVSS Score
5.5
EPSS Score
0.007
Published
2022-04-08
GPAC mp4box 1.1.0-DEV-rev1663-g881c6a94a-master is vulnerable to Integer Overflow.
CVSS Score
5.5
EPSS Score
0.008
Published
2022-04-08
Inf loop in GitHub repository gpac/gpac prior to 2.1.0-DEV.
CVSS Score
4.0
EPSS Score
0.008
Published
2022-04-04
Null Pointer Dereference Caused Segmentation Fault in GitHub repository gpac/gpac prior to 2.1.0-DEV.
CVSS Score
5.6
EPSS Score
0.007
Published
2022-03-30
Segmentation Fault caused by MP4Box -lsr in GitHub repository gpac/gpac prior to 2.1.0-DEV.
CVSS Score
2.9
EPSS Score
0.008
Published
2022-03-21
GPAC 1.0.1 is affected by a heap-based buffer overflow in SFS_AddString () at bifs/script_dec.c.
CVSS Score
7.8
EPSS Score
0.009
Published
2022-03-14
GPAC 1.0.1 is affected by a NULL pointer dereference in gf_utf8_wcslen. (gf_utf8_wcslen is a renamed Unicode utf8_wcslen function.)
CVSS Score
7.8
EPSS Score
0.012
Published
2022-03-14