Shodan
Vulnerabilities
Vulnerable Software
Gpac:  Security Vulnerabilities
CVE-2021-45289
A vulnerability exists in GPAC 1.0.1 due to an omission of security-relevant Information, which could cause a Denial of Service. The program terminates with signal SIGKILL.
CVSS Score
5.5
EPSS Score
0.006
Published
2021-12-21
CVE-2021-45291
The gf_dump_setup function in GPAC 1.0.1 allows malicoius users to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command.
CVSS Score
5.5
EPSS Score
0.006
Published
2021-12-21
CVE-2021-45292
The gf_isom_hint_rtp_read function in GPAC 1.0.1 allows attackers to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command.
CVSS Score
5.5
EPSS Score
0.006
Published
2021-12-21
CVE-2021-45288
A Double Free vulnerability exists in filedump.c in GPAC 1.0.1, which could cause a Denail of Service via a crafted file in the MP4Box command.
CVSS Score
5.5
EPSS Score
0.006
Published
2021-12-21
CVE-2020-22673
Memory leak in the senc_Parse function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input.
CVSS Score
5.5
EPSS Score
0.007
Published
2021-10-12
CVE-2020-22674
An issue was discovered in gpac 0.8.0. An invalid memory dereference exists in the function FixTrackID located in isom_intern.c, which allows attackers to cause a denial of service (DoS) via a crafted input.
CVSS Score
5.5
EPSS Score
0.007
Published
2021-10-12
CVE-2020-22675
An issue was discovered in gpac 0.8.0. The GetGhostNum function in stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.
CVSS Score
5.5
EPSS Score
0.007
Published
2021-10-12
CVE-2020-22677
An issue was discovered in gpac 0.8.0. The dump_data_hex function in box_dump.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.
CVSS Score
5.5
EPSS Score
0.007
Published
2021-10-12
CVE-2020-22678
An issue was discovered in gpac 0.8.0. The gf_media_nalu_remove_emulation_bytes function in av_parsers.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.
CVSS Score
5.5
EPSS Score
0.007
Published
2021-10-12
CVE-2020-22679
Memory leak in the sgpd_parse_entry function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input.
CVSS Score
5.5
EPSS Score
0.007
Published
2021-10-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved