Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.4.0.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-03-27
A vulnerability, which was classified as problematic, was found in GPAC 2.3-DEV-rev35-gbbca86917-master. This affects the function gf_m2ts_process_sdt of the file media_tools/mpegts.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The identifier VDB-223293 was assigned to this vulnerability.
CVSS Score
5.3
EPSS Score
0.0
Published
2023-03-17
A vulnerability has been found in GPAC 2.3-DEV-rev35-gbbca86917-master and classified as problematic. This vulnerability affects the function gf_av1_reset_state of the file media_tools/av_parsers.c. The manipulation leads to double free. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. VDB-223294 is the identifier assigned to this vulnerability.
CVSS Score
5.3
EPSS Score
0.0
Published
2023-03-17
A vulnerability was found in GPAC 2.3-DEV-rev35-gbbca86917-master. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file filters/load_text.c. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The identifier VDB-223297 was assigned to this vulnerability.
CVSS Score
5.3
EPSS Score
0.0
Published
2023-03-17
Buffer Over-read in GitHub repository gpac/gpac prior to v2.3.0-DEV.
CVSS Score
7.3
EPSS Score
0.001
Published
2023-02-13
Off-by-one Error in GitHub repository gpac/gpac prior to v2.3.0-DEV.
CVSS Score
7.1
EPSS Score
0.0
Published
2023-02-13
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to v2.3.0-DEV.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-02-13
In GPAC 2.1-DEV-rev87-g053aae8-master, function BS_ReadByte() in utils/bitstream.c has a failed assertion, which causes a Denial of Service. This vulnerability was fixed in commit 9ea93a2.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-05-05
GPAC 2.1-DEV-rev87-g053aae8-master. has a Null Pointer Dereference vulnerability in gf_isom_parse_movie_boxes_internal due to improper return value handling of GF_SKIP_BOX, which causes a Denial of Service. This vulnerability was fixed in commit 37592ad.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-05-05
Page 3