Shodan
Vulnerabilities
Vulnerable Software
Gpac:  Security Vulnerabilities
CVE-2020-23930
An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function nhmldump_send_header located in write_nhml.c. It allows an attacker to cause Denial of Service.
CVSS Score
5.5
EPSS Score
0.002
Published
2021-04-21
CVE-2020-23931
An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read.
CVSS Score
7.1
EPSS Score
0.003
Published
2021-04-21
CVE-2020-23932
An issue was discovered in gpac before 1.0.1. A NULL pointer dereference exists in the function dump_isom_sdp located in filedump.c. It allows an attacker to cause Denial of Service.
CVSS Score
5.5
EPSS Score
0.002
Published
2021-04-21
CVE-2020-35979
An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is heap-based buffer overflow in the function gp_rtp_builder_do_avc() in ietf/rtp_pck_mpeg4.c.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-04-21
CVE-2020-35980
An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is a use-after-free in the function gf_isom_box_del() in isomedia/box_funcs.c.
CVSS Score
7.8
EPSS Score
0.002
Published
2021-04-21
CVE-2020-35981
An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an invalid pointer dereference in the function SetupWriters() in isomedia/isom_store.c.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-04-21
CVE-2020-35982
An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an invalid pointer dereference in the function gf_hinter_track_finalize() in media_tools/isom_hinter.c.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-04-21
CVE-2021-29279
There is a integer overflow in function filter_core/filter_props.c:gf_props_assign_value in GPAC 1.0.1. In which, the arg const GF_PropertyValue *value,maybe value->value.data.size is a negative number. In result, memcpy in gf_props_assign_value failed.
CVSS Score
7.8
EPSS Score
0.002
Published
2021-04-19
CVE-2021-30014
There is a integer overflow in media_tools/av_parsers.c in the hevc_parse_slice_segment function in GPAC from v0.9.0-preview to 1.0.1 which results in a crash.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-04-19
CVE-2021-30015
There is a Null Pointer Dereference in function filter_core/filter_pck.c:gf_filter_pck_new_alloc_internal in GPAC 1.0.1. The pid comes from function av1dmx_parse_flush_sample, the ctx.opid maybe NULL. The result is a crash in gf_filter_pck_new_alloc_internal.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-04-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved