CVE-2022-36190

GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerability in function gfisomdoviconfigget. This vulnerability was fixed in commit fef6242...

CVE-2022-36190

GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerability in function gfisomdoviconfigget. This vulnerability was fixed in commit fef6242...

CVE-2022-36191

A heap-buffer-overflow had occurred in function gfisomdoviconfigget of isomedia/avcext.c:2490, as demonstrated by MP4Box. This vulnerability was fixed in commit fef6242...

CVE-2022-36191

A heap-buffer-overflow had occurred in function gfisomdoviconfigget of isomedia/avcext.c:2490, as demonstrated by MP4Box. This vulnerability was fixed in commit fef6242...

CVE-2022-36190

GPAC mp4box 2.1-DEV-revUNKNOWN-master is affected by a use-after-free in gf_isom_dovi_config_get. The CVE-2022-36190 entry (NVD CVSS v3.1: 9.8, Critical) notes this vulnerability; a fix was applied in commit fef6242. Affected component is GPAC’s mp4box; no exploitation details are provided in the...

CVE-2022-36191

CVE-2022-36191 affects GPAC (gf_isom_dovi_config_get in isomedia/avc_ext.c:2490) where a heap-buffer-overflow could be triggered by MP4Box. The vulnerability is characterized by local attack vector with user interaction (per NVD) and can lead to high impact on availability. The issue has a public...

GPAC 资源管理错误漏洞

GPAC is an open source multimedia framework. A security vulnerability exists in GPAC mp4box 2.1-DEV-revUNKNOWN-master, which stems from a post-release reuse of its gfisomdoviconfigget function...

GPAC MP4box 安全漏洞

GPAC MP4Box is multimedia packager. It is mainly used to work with ISOBMF files e.g. MP4, 3GP, but can also be used to import/export media from container files such as AVI, MPG, MKV, MPEG-2 TS, etc. A security vulnerability exists in GPAC MP4box version 2.1-DEV-rev574-g9d5bb184b, which stems from...

Null Pointer Dereference Caused Segmentation Fault

Description Null pointer dereference caused segmentation fault. This can cause Denial-of -service attack. version smlijun@ubuntu:/gpacasan/bin/gcc$ ./MP4Box -version MP4Box - GPAC version 2.1-DEV-rev243-gf87b12b32-master c 2000-2022 Telecom Paris distributed under LGPL v2.1+ - http://gpac.io Plea...

GPAC Denial of Service Vulnerability (CNVD-2022-59870)

GPAC is a multimedia framework. GPAC version 1.0.1 suffers from a denial of service vulnerability that stems from the gfhintertrackfinalize function not doing the correct handling of incoming error messages. An attacker could exploit this vulnerability to cause a denial of service via a specially...

GPAC Denial of Service Vulnerability (CNVD-2022-59871)

GPAC is a multimedia framework. GPAC MP4Box version 1.1.0 suffers from a denial of service vulnerability that originates in the gfhintertrackfinalize function. An attacker could exploit this vulnerability to cause a denial of service via a specially crafted file in the MP4Box command...

GPAC Denial of Service Vulnerability (CNVD-2022-59869)

GPAC is a multimedia framework. a denial of service vulnerability exists in GPAC version 1.0.1, which originates from the gfbswritedata function. An attacker could exploit this vulnerability to cause a denial of service via a specially crafted file in the MP4Box command...

GPAC Denial of Service Vulnerability (CNVD-2022-59868)

GPAC is a multimedia framework. a denial of service vulnerability exists in GPAC version 1.0.1, which originates from the GetHintFormat function. An attacker could exploit this vulnerability to cause a denial of service via a specially crafted file in the MP4Box command...

Integer Overflow in function lsr_translate_coords

Description Integer Overflow in function lsrtranslatecoords at laser/lsrdec.c:853 gpac version git log commit ea3af7c8242d1a82657dc3a518df5a5b1b5e27ed HEAD - master, origin/master, origin/HEAD Author: Romain Bouqueau Date: Tue Jun 28 19:25:58 2022 +0200 POC ./MP4Box -bt ./pocintof1s.dat...

Denial Of Service (DoS)

libgpac.so is vulnerable to denial of service. A remote attacker is able to cause denial of service conditions via the gfhintertrackfinalize function by injecting a maliciously crafted file through the MP4Box command...

Denial Of Service (DoS)

libgpac.so is vulnerable to denial of service. The vulnerability exists in the GetHintFormat function of hinttrack.c which allows an attacker to crash the application by providing a maliciously crafted file to the MP4Box command...

Denial Of Service (DoS)

libgpac.so is vulnerable to denial of service. The vulnerability exists in the gfhinterfinalize function of isomhinter.c, allowing an attacker to crash the application by providing a maliciously crafted file to the MP4Box command...

Denial Of Service (DoS)

libgpac.so is vulnerable to denial of service. The vulnerability exists through the heap-buffer-overflow in the schmboxread function of boxcodedrm.c because the function does not properly check the length of URI, allowing an attacker to crash the application by providing a maliciously crafted fil...

CVE-2021-40606

The gfbswritedata function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command...

DEBIAN-CVE-2021-40607

The schmboxsize function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command...