Shodan
Vulnerabilities
Vulnerable Software
Gpac:  >> Gpac  >> 2.3-dev-rev40-g3602a5ded  Security Vulnerabilities
CVE-2025-7797
A vulnerability was found in GPAC up to 2.4. It has been rated as problematic. Affected by this issue is the function gf_dash_download_init_segment of the file src/media_tools/dash_client.c. The manipulation of the argument base_init_url leads to null pointer dereference. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 153ea314b6b053db17164f8bc3c7e1e460938eaa. It is recommended to apply a patch to fix this issue.
CVSS Score
5.3
EPSS Score
0.002
Published
2025-07-18
CVE-2024-24267
gpac v2.2.1 (fixed in v2.4.0) was discovered to contain a memory leak via the gfio_blob variable in the gf_fileio_from_blob function.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-02-05
CVE-2024-0321
Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.
CVSS Score
4.0
EPSS Score
0.001
Published
2024-01-08
CVE-2024-0322
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.
CVSS Score
4.4
EPSS Score
0.001
Published
2024-01-08
CVE-2023-46871
GPAC version 2.3-DEV-rev602-ged8424300-master in MP4Box contains a memory leak in NewSFDouble scenegraph/vrml_tools.c:300. This vulnerability may lead to a denial of service.
CVSS Score
5.3
EPSS Score
0.0
Published
2023-12-07
CVE-2023-5998
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3.0-DEV.
CVSS Score
4.0
EPSS Score
0.001
Published
2023-11-07
CVE-2023-5595
Denial of Service in GitHub repository gpac/gpac prior to 2.3.0-DEV.
CVSS Score
5.1
EPSS Score
0.0
Published
2023-10-16
CVE-2023-5586
NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3.0-DEV.
CVSS Score
4.4
EPSS Score
0.0
Published
2023-10-15
CVE-2023-1655
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.4.0.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-03-27
CVE-2023-0841
A vulnerability, which was classified as critical, has been found in GPAC 2.3-DEV-rev40-g3602a5ded. This issue affects the function mp3_dmx_process of the file filters/reframe_mp3.c. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221087.
CVSS Score
6.3
EPSS Score
0.002
Published
2023-02-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved