CVE-2021-33365

Memory leak in the gfisomgetrootod function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file...

CVE-2021-33366

Memory leak in the gfisomoinfreadentry function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file...

PT-2021-6545 · Gpac · Gpac

Name of the Vulnerable Software and Affected Versions: GPAC versions 1.0.1 Description: The issue is related to a memory leak in the def parent box new function of the MP4Box component in the GPAC multimedia platform. This leak occurs due to incorrect memory deallocation before the last reference...

PT-2021-6535 · Gpac · Gpac

Name of the Vulnerable Software and Affected Versions: GPAC version 1.0.1 Description: The issue is related to a memory leak in the afra box read function in MP4Box, a component of the GPAC multimedia platform. This allows attackers to read memory via a crafted file, potentially giving them acces...

PT-2021-6519 · Gpac · Gpac

Name of the Vulnerable Software and Affected Versions: GPAC version 1.0.1 Description: The issue is related to a memory leak in the infe box read function of the MP4Box component in the GPAC multimedia platform. This allows attackers to read memory via a crafted file, potentially giving them acce...

CVE-2021-33364

Memory leak in the defparentboxnew function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file...

CVE-2021-33363

Memory leak in the infeboxread function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file...

CVE-2021-33363

GPAC (MP4Box) vulnerability CVE-2021-33363 due to a memory leak in infe_box_read in version 1.0.1. This could allow memory reads via a crafted file. Public disclosures place affected packages in GPAC 1.0.1; Debian and Gentoo advisories recommend upgrading to fixed releases (Debian: 1.0.1+dfsg1-4+...

CVE-2021-33365

Memory leak in the gfisomgetrootod function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file...

CVE-2021-33364

Memory leak in the defparentboxnew function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file...

CVE-2021-33366

Memory leak in the gfisomoinfreadentry function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file...

CVE-2021-33363

Memory leak in the infeboxread function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file...

CVE-2021-33361

Memory leak in the afraboxread function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file...

Denial Of Service (DoS)

gpac:bullseye is vulnerable to denial of service. The gfdashsegmenterprobeinput function in GPAC v0.8 allows attackers to cause a denial of service NULL pointer dereference via a crafted file in the MP4Box command...

GPAC Project Advanced Content MPEG-4 Decoding multiple integer addition overflow vulnerabilities

Summary Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked addition arithmetic resulting in a heap-based buffer...

GPAC Buffer Overflow Vulnerability (CNVD-2021-82990)

GPAC is a multimedia framework for rich media and is distributed under the LGPL license. a buffer overflow vulnerability exists in the stblAppendSize function in MP4Box in GPAC version 1.0.1. An attacker can exploit this vulnerability via specially crafted files to cause a denial of service or...

GPAC null pointer dereference vulnerability (CNVD-2021-82988)

GPAC is a multimedia framework for rich media and is distributed under the LGPL license. gfhinterfinalize function in GPAC version 1.0.1 is vulnerable to null pointer dereference. An attacker could exploit this vulnerability to cause a denial of service via a specially crafted file in the MP4Box...

GPAC null pointer dereference vulnerability (CNVD-2021-82989)

GPAC is a multimedia framework for rich media and is distributed under the LGPL license. gfmediaexportfilters function in GPAC version 1.0.1 is vulnerable to a null pointer dereference. An attacker could exploit this vulnerability to cause a denial of service via a specially crafted file in the...

GPAC null pointer dereference vulnerability (CNVD-2021-82991)

GPAC is a multimedia framework for rich media and is distributed under the LGPL license. a null pointer dereference vulnerability exists in the MediaRewriteODFrame function in GPAC version 1.0.1. An attacker could exploit this vulnerability to cause a denial of service via a specially crafted fil...

CVE-2021-32440

The MediaRewriteODFrame function in GPAC 1.0.1 allows attackers to cause a denial of service NULL pointer dereference via a crafted file in the MP4Box command...