CVE-2019-20632

GPAC libgpac.a (GPAC) before 0.8.0 contains an invalid pointer dereference in gf_odf_delete_descriptor (odf/desc_private.c) that can cause denial of service when processing a crafted MP4 file. This affects MP4Box as demonstrated in GPAC, with CVE-2019-20632 reported across multiple sources (RH, N...

Null pointer dereference

An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function gfisomgetoriginalformattype at isomedia/drmsample.c in libgpac.a, as demonstrated by MP4Box...

Heap overflow

An issue was discovered in GPAC 0.7.1. There is a heap-based buffer overflow in the function ReadGFIPMPXRemoveToolNotificationListener in odf/ipmpxcode.c in libgpac.a, as demonstrated by MP4Box...

CVE-2019-12483

An issue was discovered in GPAC 0.7.1. There is a heap-based buffer overflow in the function ReadGFIPMPXRemoveToolNotificationListener in odf/ipmpxcode.c in libgpac.a, as demonstrated by MP4Box...

DEBIAN-CVE-2019-12482

An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function gfisomgetoriginalformattype at isomedia/drmsample.c in libgpac.a, as demonstrated by MP4Box...

CVE-2019-12482

An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function gfisomgetoriginalformattype at isomedia/drmsample.c in libgpac.a, as demonstrated by MP4Box...

CVE-2019-12483

An issue was discovered in GPAC 0.7.1. There is a heap-based buffer overflow in the function ReadGFIPMPXRemoveToolNotificationListener in odf/ipmpxcode.c in libgpac.a, as demonstrated by MP4Box...

CVE-2019-12481

An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function GetESD at isomedia/track.c in libgpac.a, as demonstrated by MP4Box...

Null pointer dereference

An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function GetESD at isomedia/track.c in libgpac.a, as demonstrated by MP4Box...

CVE-2019-12481

An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function GetESD at isomedia/track.c in libgpac.a, as demonstrated by MP4Box...

CVE-2019-12481

An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function GetESD at isomedia/track.c in libgpac.a, as demonstrated by MP4Box...

CVE-2019-12483

An issue was discovered in GPAC 0.7.1. There is a heap-based buffer overflow in the function ReadGFIPMPXRemoveToolNotificationListener in odf/ipmpxcode.c in libgpac.a, as demonstrated by MP4Box...

CVE-2019-12483

An issue was discovered in GPAC 0.7.1. There is a heap-based buffer overflow in the function ReadGFIPMPXRemoveToolNotificationListener in odf/ipmpxcode.c in libgpac.a, as demonstrated by MP4Box...

CVE-2019-12483

CVE-2019-12483 concerns GPAC 0.7.1, with a heap-based buffer overflow in the function ReadGF_IPMPX_RemoveToolNotificationListener (odf/ipmpx_code.c in libgpac.a), as demonstrated by MP4Box. The connected sources (OSV entries, Debian/NASL notes) consistently describe this vulnerability and its pre...

CVE-2019-12482

An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function gfisomgetoriginalformattype at isomedia/drmsample.c in libgpac.a, as demonstrated by MP4Box...

CVE-2019-12482

An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function gfisomgetoriginalformattype at isomedia/drmsample.c in libgpac.a, as demonstrated by MP4Box...

CVE-2019-12482

GPAC 0.7.1 contains a NULL pointer dereference in gf_isom_get_original_format_type (isomedia/drm_sample.c) within libgpac.a, demonstrated by MP4Box (CVE-2019-12482). This CVE is documented in multiple sources (including OSV/NVD entries) with network-scale impact and HIGH severity per CVSSv3 (AV:N...

CVE-2019-12481

An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function GetESD at isomedia/track.c in libgpac.a, as demonstrated by MP4Box...

CVE-2019-12481

The CVE-2019-12481 vulnerability affects GPAC 0.7.1, with a NULL pointer dereference in the GetESD function located in isomedia/track.c of libgpac.a (as demonstrated by MP4Box). The connected documents corroborate a GPAC NULL pointer dereference issue but do not provide new exploit details or a c...

Updated gpac packages fix security vulnerability

It was discovered that the GPAC MP4Box utility incorrectly handled certain memory operations. If an user or automated system were tricked into opening a specially crafted MP4 file, a remote attacker could use this issue to cause MP4Box to crash, resulting in a denial of service, or possibly execu...