GPAC v2.1-DEV-rev232-gfcaa01ebb-master was discovered to contain a stack overflow when processing ISOM_IOD.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-09-06
A heap-buffer-overflow had occurred in function gf_isom_dovi_config_get of isomedia/avc_ext.c:2490, as demonstrated by MP4Box. This vulnerability was fixed in commit fef6242.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-08-17
GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerability in function gf_isom_dovi_config_get. This vulnerability was fixed in commit fef6242.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-08-17
NULL Pointer Dereference in GitHub repository gpac/gpac prior to v2.1.0-DEV.
CVSS Score
5.7
EPSS Score
0.003
Published
2022-07-27
Use After Free in GitHub repository gpac/gpac prior to 2.1-DEV.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-07-19
Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.1-DEV.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-07-19
The gf_bs_write_data function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-06-28
The schm_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.
CVSS Score
5.5
EPSS Score
0.003
Published
2022-06-28
The gf_hinter_track_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-06-28
The GetHintFormat function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-06-28