Shodan
Vulnerabilities
Vulnerable Software
Gpac:  Security Vulnerabilities
CVE-2020-23267
An issue was discovered in gpac 0.8.0. The gf_hinter_track_process function in isom_hinter_track_process.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file
CVSS Score
7.1
EPSS Score
0.002
Published
2021-09-22
CVE-2020-23269
An issue was discovered in gpac 0.8.0. The stbl_GetSampleSize function in isomedia/stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file.
CVSS Score
5.5
EPSS Score
0.002
Published
2021-09-22
CVE-2021-32269
An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function ilst_item_box_dump located in box_dump.c. It allows an attacker to cause Denial of Service.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-20
CVE-2021-32270
An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function vwid_box_del located in box_code_base.c. It allows an attacker to cause Denial of Service.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-20
CVE-2021-32271
An issue was discovered in gpac through 20200801. A stack-buffer-overflow exists in the function DumpRawUIConfig located in odf_dump.c. It allows an attacker to cause code Execution.
CVSS Score
7.8
EPSS Score
0.004
Published
2021-09-20
CVE-2021-32268
Buffer overflow vulnerability in function gf_fprintf in os_file.c in gpac before 1.0.1 allows attackers to execute arbitrary code. The fixed version is 1.0.1.
CVSS Score
7.8
EPSS Score
0.007
Published
2021-09-20
CVE-2021-32138
The DumpTrackInfo function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-13
CVE-2021-32139
The gf_isom_vp_config_get function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-13
CVE-2021-33361
Memory leak in the afra_box_read function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-13
CVE-2021-33363
Memory leak in the infe_box_read function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved