4 matches found
External Control of File Name or Path
Overview streamlink is a Streamlink is a command-line utility that extracts streams from various services and pipes them into a video player of choice. Affected versions of this package are vulnerable to External Control of File Name or Path via the parsing process for HLS and DASH playlists or...
CVE-2025-59728
When calculating the content path in handling of MPEG-DASH manifests, there's an out-of-bounds NUL-byte write one byte past the end of the buffer.When we call xmlNodeGetContent below 0, it returns a buffer precisely allocated to match the string length, using strdup internally. If this buffer is...
The vulnerability of the gf_dash_group_get_audio_channels() function (media_tools/dash_client.c) in the MP4Box utility of the GPAC multimedia platform allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the gfdashgroupgetaudiochannels function mediatools/dashclient.c in the MP4Box utility of the GPAC multimedia platform is related to the pointer manipulation during the processing of DASH manifests. Exploiting this vulnerability could allow an attacker to execute arbitrary co...
The vulnerability of the gf_dash_group_get_audio_channels() function (media_tools/dash_client.c) in the MP4Box utility of the GPAC multimedia platform allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the gfdashgroupgetaudiochannels function mediatools/dashclient.c in the MP4Box utility of the GPAC multimedia platform is related to the pointer manipulation during the processing of DASH manifests. Exploiting this vulnerability could allow an attacker to execute arbitrary co...