Shodan
Vulnerabilities
Vulnerable Software
Gpac:  Security Vulnerabilities
CVE-2021-31255
Buffer overflow in the abst_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.
CVSS Score
7.8
EPSS Score
0.015
Published
2021-04-19
CVE-2021-31256
Memory leak in the stbl_GetSampleInfos function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.
CVSS Score
5.5
EPSS Score
0.011
Published
2021-04-19
CVE-2021-31257
The HintFile function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS Score
5.5
EPSS Score
0.009
Published
2021-04-19
CVE-2021-31258
The gf_isom_set_extraction_slc function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS Score
5.5
EPSS Score
0.009
Published
2021-04-19
CVE-2021-31259
The gf_isom_cenc_get_default_info_internal function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS Score
5.5
EPSS Score
0.009
Published
2021-04-19
CVE-2021-31260
The MergeTrack function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS Score
5.5
EPSS Score
0.009
Published
2021-04-19
CVE-2021-31261
The gf_hinter_track_new function in GPAC 1.0.1 allows attackers to read memory via a crafted file in the MP4Box command.
CVSS Score
5.5
EPSS Score
0.011
Published
2021-04-19
CVE-2021-31262
The AV1_DuplicateConfig function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS Score
5.5
EPSS Score
0.009
Published
2021-04-19
CVE-2021-28300
NULL Pointer Dereference in the "isomedia/track.c" module's "MergeTrack()" function of GPAC v0.5.2 allows attackers to execute arbitrary code or cause a Denial-of-Service (DoS) by uploading a malicious MP4 file.
CVSS Score
9.8
EPSS Score
0.021
Published
2021-04-14
CVE-2020-11558
An issue was discovered in libgpac.a in GPAC 0.8.0, as demonstrated by MP4Box. audio_sample_entry_Read in isomedia/box_code_base.c does not properly decide when to make gf_isom_box_del calls. This leads to various use-after-free outcomes involving mdia_Read, gf_isom_delete_movie, and gf_isom_parse_movie_boxes.
CVSS Score
9.8
EPSS Score
0.015
Published
2020-04-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved