GPAC 安全漏洞

GPAC is an open-source multimedia framework developed by GPAC. Version 2.4 of GPAC contains a security vulnerability, which stems from a heap buffer overflow in the m2tsdmxsendpacket function. This vulnerability could lead to a denial-of-service attack...

GPAC 代码问题漏洞

GPAC is an open-source multimedia framework developed by GPAC. Versions of GPAC 2.4.0 and earlier contained code vulnerabilities. These vulnerabilities stemmed from improper handling of the MergeFragment function in the MP4Box component, which could lead to null pointer dereferencing...

GPAC 资源管理错误漏洞

GPAC is an open-source multimedia framework developed by GPAC. Versions of GPAC prior to 26.02.0 contain a resource management vulnerability. This vulnerability arises from the function sidxboxread in the file src/isomedia/boxcodebase.c, which involves resource allocation and requires a local...

EUVD-2026-13782

GPAC is an open-source multimedia framework. Prior to commit 86b0e36, a heap-based buffer overflow write vulnerability was discovered in GPAC MP4Box. The vulnerability exists in the gfxmlparsebitsequencebs function in utils/xmlbincustom.c when processing a crafted NHML file containing malicious...

CVE-2026-33144

GPAC is an open-source multimedia framework. Prior to commit 86b0e36, a heap-based buffer overflow write vulnerability was discovered in GPAC MP4Box. The vulnerability exists in the gfxmlparsebitsequencebs function in utils/xmlbincustom.c when processing a crafted NHML file containing malicious...

CVE-2026-27821

GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in src/filters/dmxnhml.c. The value of the xmlHeaderEnd XML attribute is copied from att-value into szXmlHeaderEnd1000 using strcpy without any length...

CVE-2026-27821

GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in src/filters/dmxnhml.c. The value of the xmlHeaderEnd XML attribute is copied from att-value into szXmlHeaderEnd1000 using strcpy without any length...

CVE-2026-27821

GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in src/filters/dmxnhml.c. The value of the xmlHeaderEnd XML attribute is copied from att-value into szXmlHeaderEnd1000 using strcpy without any length...

PT-2026-22061

Name of the Vulnerable Software and Affected Versions GPAC versions up to and including 26.02.0 Description GPAC is an open-source multimedia framework. A stack buffer overflow occurs during NHML file parsing in src/filters/dmx nhml.c. The xmlHeaderEnd XML attribute’s value from att-value is copi...

CVE-2026-27821

GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in src/filters/dmxnhml.c. The value of the xmlHeaderEnd XML attribute is copied from att-value into szXmlHeaderEnd1000 using strcpy without any length...

CVE-2026-1418

A security vulnerability has been detected in GPAC up to 2.4.0. This affects the function gftextimportsrtbifs of the file src/scenemanager/texttobifs.c of the component SRT Subtitle Import. Such manipulation leads to out-of-bounds write. The attack needs to be performed locally. The exploit has...

GPAC code-related vulnerabilities

GPAC is an open-source multimedia framework developed by GPAC. Versions of GPAC prior to 2.4.0 have code vulnerabilities. These vulnerabilities stem from incorrect handling of parameters in the Name field in the src/mediatools/mediaexport.c file, which may lead to null pointer dereferencing...

GPAC vorbis_to_intern function stack buffer overflow vulnerability

GPAC is an open source multimedia framework. GPAC suffers from a stack buffer overflow vulnerability that stems from the vorbistointern function failing to correctly validate the length and size of the input data, which can be exploited by an attacker to cause a denial of service...

GPAC uncv_parse_config function stack buffer overflow vulnerability

GPAC is an open source multimedia framework. GPAC has a stack buffer overflow vulnerability that originates from the uncvparseconfig function failing to properly validate the length size of the input data, which can be exploited by an attacker to cause a denial of service...

GPAC 安全漏洞

GPAC is an open source multimedia framework. GPAC suffers from a stack buffer overflow vulnerability that stems from the dmxsaf function failing to properly validate the length and size of input data, which can be exploited by an attacker to cause a denial of service...

GPAC 安全漏洞

GPAC is an open source multimedia framework. GPAC has a heap buffer overflow vulnerability that stems from the aviparseinputfile function failing to properly validate the length and size of the input data, which can be exploited by an attacker to cause a denial of service...

GPAC 安全漏洞

GPAC is an open source multimedia framework. GPAC suffers from an out-of-bounds read vulnerability that stems from the oggdmxparsetags function failing to properly validate the length size of the input data, which can be exploited by an attacker to cause a denial of service...

CVE-2023-1452

A vulnerability was found in GPAC 2.3-DEV-rev35-gbbca86917-master. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file filters/loadtext.c. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit...

GPAC 安全漏洞

GPAC is an open source multimedia framework from GPAC Open Source. A security vulnerability exists in GPAC version 2.4, which stems from a heap buffer overflow vulnerability on isomedia/sampledescs.c:1799 in gfisomnewmphadescription in MP4Box...

GPAC Code Issue Vulnerability

GPAC is an open source multimedia framework. A code issue vulnerability exists in GPAC version 2.5-DEV-rev228-g11067ea92-master, which stems from a mishandling of a related function that results in a null pointer dereference...