Denial Of Service (DoS)

libgpac.so is vulnerable to denial of service. The vulnerability exists due to null pointer deference in the avcparseslice function in avparsers.c, which causes a segmentation fault, allowing an attacker to crash the application through the mp4box...

CVE-2021-40572

The binary MP4Box in Gpac 1.0.1 has a double-free bug in the av1dmxfinalize function in reframeav1.c, which allows attackers to cause a denial of service...

CVE-2021-40576

The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the gfisomgetpaytcount function in hinttrack.c, which allows attackers to cause a denial of service...

GPAC buffer overflow vulnerability (CNVD-2022-08469)

GPAC is an open source multimedia framework. GPAC suffers from a security vulnerability that originates from a heabased buffer overflow vulnerability in MP4Box for GPAC 1.0.1, which can be exploited by an attacker to cause a denial of service or execute arbitrary code via a crafted file...

GPAC buffer overflow vulnerability (CNVD-2022-08468)

GPAC is an open source multimedia framework. A security vulnerability exists in GPAC 1.0.1, which stems from a heap-based buffer overflow vulnerability in MP4Box of GPAC 1.0.1, which can be exploited by an attacker to produce unspecified other impacts through files made in MP4Box commands by usin...

CVE-2021-40574

The binary MP4Box in Gpac from 0.9.0-preview to 1.0.1 has a double-free vulnerability in the gftextgetutf8line function in loadtext.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges...

CVE-2021-40571

GPAC mp4box 1.0.1 has a double-free in ilst_box_read (box_code_apple.c) that can cause denial of service and potentially code execution/privilege escalation. Debian fixes gpac to 1.0.1+dfsg1-4+deb11u2; upgrade recommended. Other connected sources corroborate GPAC vulnerabilities; no additional ex...

CVE-2021-40570

GPAC vulnerability CVE-2021-40570 affects the MP4Box binary in GPAC 1.0.1, where a double-free in avc_compute_poc (av_parsers.c) can lead to denial of service and may allow code execution with privilege escalation. Public sources confirm the issue and its impact; Debian advisory notes fixed versi...

CVE-2021-40569

GPAC's GPAC mp4box binary (up to 1.0.1) contains a double-free vulnerability in iloc_entry_del within box_code_meta.c, enabling denial of service. The issue is corroborated by multiple sources (e.g., Debian DSA-5411-1), which notes exploitation potential and provides a patched Debian fix: gpac ve...

CVE-2021-40574

GPAC GPAC is affected: the MP4Box binary (GPAC) from 0.9.0-preview to 1.0.1 contains a double-free in gf_text_get_utf8_line (load_text.c), enabling denial of service and potentially code execution/privilege escalation. Debian advisory DSA-5411-1 fixes this in bullseye with gpac version 1.0.1+dfsg...

CVE-2021-40576

GPAC GNU GPAC 1.0.1 contains a null pointer dereference in gf_isom_get_payt_count (hint_track.c) that allows denial of service via MP4Box. The CVE-2021-40576 entry is confirmed across multiple trusted sources (NVD, CNVD, Debian DSAs) and is associated with the GPAC multimedia framework. Exploitat...

CVE-2021-40570

The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the avccomputepoc function in avparsers.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges...

CVE-2021-40569

The binary MP4Box in Gpac through 1.0.1 has a double-free vulnerability in the ilocentrydel funciton in boxcodemeta.c, which allows attackers to cause a denial of service...

CVE-2021-40570

The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the avccomputepoc function in avparsers.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges...

CVE-2021-40571

The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the ilstboxread function in boxcodeapple.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges...

CVE-2021-40569

The binary MP4Box in Gpac through 1.0.1 has a double-free vulnerability in the ilocentrydel funciton in boxcodemeta.c, which allows attackers to cause a denial of service...

CVE-2021-40567

Segmentation fault vulnerability exists in Gpac through 1.0.1 via the gfodfsizedescriptor function in descprivate.c when using mp4box, which causes a denial of service...

CVE-2021-40574

The binary MP4Box in Gpac from 0.9.0-preview to 1.0.1 has a double-free vulnerability in the gftextgetutf8line function in loadtext.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges...

CVE-2021-40575

The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the mpgviddmxprocess function in reframempgvid.c, which allows attackers to cause a denial of service. This vulnerability is possibly due to an incomplete fix for CVE-2021-40566...

CVE-2021-40572

The binary MP4Box in Gpac 1.0.1 has a double-free bug in the av1dmxfinalize function in reframeav1.c, which allows attackers to cause a denial of service...