GPAC v2.1-DEV-rev232-gfcaa01ebb-master was discovered to contain a stack overflow when processing ISOM_IOD.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-09-06
A heap-buffer-overflow had occurred in function gf_isom_dovi_config_get of isomedia/avc_ext.c:2490, as demonstrated by MP4Box. This vulnerability was fixed in commit fef6242.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-08-17
A Null Pointer dereference vulnerability exists in GPAC 2.1-DEV-revUNKNOWN-master via the function gf_filter_pid_set_property_full () at filter_core/filter_pid.c:5250,which causes a Denial of Service (DoS). This vulnerability was fixed in commit b43f9d1.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-08-17
GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerability in function gf_isom_dovi_config_get. This vulnerability was fixed in commit fef6242.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-08-17
Use After Free in GitHub repository gpac/gpac prior to v2.1.0-DEV.
CVSS Score
7.3
EPSS Score
0.002
Published
2022-05-18
In GPAC 2.1-DEV-rev87-g053aae8-master, function BS_ReadByte() in utils/bitstream.c has a failed assertion, which causes a Denial of Service. This vulnerability was fixed in commit 9ea93a2.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-05-05
GPAC 2.1-DEV-rev87-g053aae8-master. has a Null Pointer Dereference vulnerability in gf_isom_parse_movie_boxes_internal due to improper return value handling of GF_SKIP_BOX, which causes a Denial of Service. This vulnerability was fixed in commit 37592ad.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-05-05
Page 9