CVE-2021-41458

In GPAC MP4Box v1.1.0, there is a stack buffer overflow at src/utils/error.c:1769 which leads to a denial of service vulnerability...

CVE-2021-41458

In GPAC MP4Box v1.1.0, there is a stack buffer overflow at src/utils/error.c:1769 which leads to a denial of service vulnerability...

CVE-2021-41458

CVE-2021-41458 affects GPAC MP4Box v1.1.0. Root cause is a stack buffer overflow at src/utils/error.c:1769, leading to a denial of service. Impact is stated as availability loss (Partial/High in some metrics; local or network vectors per sources). Remediation: upgrade GPAC to a version addressed ...

PT-2022-11413 · Unknown · Gpac Mp4Box

Name of the Vulnerable Software and Affected Versions: GPAC MP4Box version 1.1.0 Description: The issue is a stack buffer overflow at src/utils/error.c:1769, leading to a denial of service. Recommendations: For GPAC MP4Box version 1.1.0, update to a version that fixes the stack buffer overflow...

Information Disclosure

libgpac.so is vulnerable to information disclosure. A local attacker is able to gain access to sensitive user information due to a memory leak in the gfisomgetrootod function in MP4Box using a specifically crafted file...

Information Disclosure

libgpac.so is vulnerable to information disclosure. A local attacker is able to gain access to sensitive user information due to a memory leak in the infeboxread function in MP4Box using a specifically crafted file...

CVE-2022-30976

GPAC 2.0.0 misuses a certain Unicode utf8wcslen renamed gfutf8wcslen function in utils/utf.c, resulting in a heap-based buffer over-read, as demonstrated by MP4Box...

CVE-2022-30976

GPAC 2.0.0 misuses a certain Unicode utf8wcslen renamed gfutf8wcslen function in utils/utf.c, resulting in a heap-based buffer over-read, as demonstrated by MP4Box...

DEBIAN-CVE-2022-30976

GPAC 2.0.0 misuses a certain Unicode utf8wcslen renamed gfutf8wcslen function in utils/utf.c, resulting in a heap-based buffer over-read, as demonstrated by MP4Box...

Heap overflow

GPAC 2.0.0 misuses a certain Unicode utf8wcslen renamed gfutf8wcslen function in utils/utf.c, resulting in a heap-based buffer over-read, as demonstrated by MP4Box...

UBUNTU-CVE-2022-30976

GPAC 2.0.0 misuses a certain Unicode utf8wcslen renamed gfutf8wcslen function in utils/utf.c, resulting in a heap-based buffer over-read, as demonstrated by MP4Box...

CVE-2022-30976

GPAC 2.0.0 misuses a certain Unicode utf8wcslen renamed gfutf8wcslen function in utils/utf.c, resulting in a heap-based buffer over-read, as demonstrated by MP4Box...

CVE-2022-30976

GPAC 2.0.0 misuses a certain Unicode utf8wcslen renamed gfutf8wcslen function in utils/utf.c, resulting in a heap-based buffer over-read, as demonstrated by MP4Box...

CVE-2022-30976

CVE-2022-30976 concerns GPAC 2.0.0, where the Unicode utf8_wcslen (gf_utf8_wcslen) usage in utils/utf.c can cause a heap-based buffer over-read, as demonstrated by MP4Box. The concrete affected component is GPAC’s core handling of Unicode strings in utils/utf.c, leading to information disclosure ...

CVE-2022-30976

GPAC 2.0.0 misuses a certain Unicode utf8wcslen renamed gfutf8wcslen function in utils/utf.c, resulting in a heap-based buffer over-read, as demonstrated by MP4Box...

CVE-2022-1441

MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion. When MP4Box tries to parse a MP4 file, it calls the function diSTboxread to read from video. In this function, it allocates a buffer str with fixed length. However, content read from bs is controllable ...

DEBIAN-CVE-2022-1441

MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion. When MP4Box tries to parse a MP4 file, it calls the function diSTboxread to read from video. In this function, it allocates a buffer str with fixed length. However, content read from bs is controllable ...

CVE-2022-1441

MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion. When MP4Box tries to parse a MP4 file, it calls the function diSTboxread to read from video. In this function, it allocates a buffer str with fixed length. However, content read from bs is controllable ...

CVE-2022-1441

MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion. When MP4Box tries to parse a MP4 file, it calls the function diSTboxread to read from video. In this function, it allocates a buffer str with fixed length. However, content read from bs is controllable ...

CVE-2022-1441

MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion. When MP4Box tries to parse a MP4 file, it calls the function diSTboxread to read from video. In this function, it allocates a buffer str with fixed length. However, content read from bs is controllable ...