Gpac: Security Vulnerabilities
GPAC 1.0.1 is affected by a NULL pointer dereference in gf_dump_vrml_field.isra ().
CVSS Score
5.5
EPSS Score
0.007
Published
2022-03-14
GPAC 1.0.1 is affected by a stack-based buffer overflow through MP4Box.
CVSS Score
7.8
EPSS Score
0.009
Published
2022-03-14
GPAC 1.0.1 is affected by Use After Free through MP4Box.
CVSS Score
5.5
EPSS Score
0.007
Published
2022-03-14
GPAC 2.0 allows a heap-based buffer overflow in gf_base64_encode. It can be triggered via MP4Box.
CVSS Score
7.8
EPSS Score
0.009
Published
2022-03-12
NULL Pointer Dereference in GitHub repository gpac/gpac prior to 1.1.0.
CVSS Score
5.8
EPSS Score
0.048
Published
2022-02-04
A Null Pointer Dereference vulnerability exists in GPAC 1.1.0 via the xtra_box_write function in /box_code_base.c, which causes a Denial of Service. This vulnerability was fixed in commit 71f9871.
CVSS Score
5.5
EPSS Score
0.006
Published
2022-02-04
A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_sg_destroy_routes () at scenegraph/vrml_route.c. This vulnerability can lead to a Denial of Service (DoS).
CVSS Score
5.5
EPSS Score
0.006
Published
2022-01-21
The binary MP4Box in GPAC v1.0.1 was discovered to contain a segmentation fault via the function __memmove_avx_unaligned_erms (). This vulnerability can lead to a Denial of Service (DoS).
CVSS Score
5.5
EPSS Score
0.006
Published
2022-01-21
A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_node_unregister () at scenegraph/base_scenegraph.c. This vulnerability can lead to a Denial of Service (DoS).
CVSS Score
5.5
EPSS Score
0.007
Published
2022-01-21
A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_sg_vrml_field_pointer_del () at scenegraph/vrml_tools.c. This vulnerability can lead to a Denial of Service (DoS).
CVSS Score
5.5
EPSS Score
0.007
Published
2022-01-21