Gpac: Security Vulnerabilities
In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because a certain -1 return value is mishandled.
CVSS Score
7.8
EPSS Score
0.014
Published
2019-02-06
An issue was discovered in MP4Box in GPAC 0.7.1. The function urn_Read in isomedia/box_code_base.c has a heap-based buffer over-read.
CVSS Score
9.8
EPSS Score
0.025
Published
2018-06-29
An issue was discovered in MP4Box in GPAC 0.7.1. There is a heap-based buffer over-read in the isomedia/box_dump.c function hdlr_dump.
CVSS Score
9.8
EPSS Score
0.023
Published
2018-06-29
GPAC through 0.7.1 has a Buffer Overflow in the gf_media_avc_read_sps function in media_tools/av_parsers.c, a different vulnerability than CVE-2018-1000100.
CVSS Score
7.8
EPSS Score
0.015
Published
2018-03-07
Page 40