GPAC security vulnerabilities

GPAC is an open-source multimedia framework developed by GPAC. Versions of GPAC prior to 26.02.0 contained security vulnerabilities. These vulnerabilities were caused by a null pointer dereferencing in the gfac4presb4backchannelspresent function, which could lead to a denial-of-service attack...

UBUNTU-CVE-2026-33144

GPAC is an open-source multimedia framework. Prior to commit 86b0e36, a heap-based buffer overflow write vulnerability was discovered in GPAC MP4Box. The vulnerability exists in the gfxmlparsebitsequencebs function in utils/xmlbincustom.c when processing a crafted NHML file containing malicious...

CVE-2026-33144

GPAC is an open-source multimedia framework. Prior to commit 86b0e36, a heap-based buffer overflow write vulnerability was discovered in GPAC MP4Box. The vulnerability exists in the gfxmlparsebitsequencebs function in utils/xmlbincustom.c when processing a crafted NHML file containing malicious...

GPAC 安全漏洞

GPAC is an open-source multimedia framework developed by GPAC. Versions of GPAC 2.5-DEV-rev2167-gcc9d617c0-master and earlier versions have security vulnerabilities. These vulnerabilities stem from incorrect handling of the parameter szName in the file src/scenemanager/swfparse.c, which may lead ...

The vulnerability of the gf_odf_ac4_cfg_alternative_info function in the MP4Box utility of the GPAC multimedia platform allows a perpetrator to cause a service failure or execute arbitrary code.

The vulnerability of the gfodfac4cfgalternativeinfo function in the MP4Box utility of the GPAC multimedia platform is related to buffer overflow attacks. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code...

The vulnerability of the gf_filter_pid_get_packet function in the MP4Box utility of the GPAC multimedia platform allows a intruder to cause a service failure or execute arbitrary code.

The vulnerability of the gffilterpidgetpacket function in the MP4Box utility of the GPAC multimedia platform is related to the pointer being set to an expired value. Exploiting this vulnerability could allow a attacker to cause service failures or execute arbitrary code...

PT-2025-30032 · Gnu +1 · Gpac +1

Уязвимость функции gf ac4 parser bs утилиты MP4Box мультимедийной платформы GPAC связана с разыменованием нулевого указателя. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании или выполнить произвольный код...

PT-2025-29849 · Gnu +1 · Gpac +1

Уязвимость функции gf filter pid reconfigure task discard файла src/filter core/filter pid.c, мультимедийной платформы GPAC связана с выходом операции за границы буфера в памяти в результате разыменования указателя с истекшим сроком действия. Эксплуатация уязвимости может позволить нарушителю...

PT-2025-29850 · Gnu +1 · Gpac +1

Уязвимость компонента naludmx configure pid функции gf sei load from state internal файла filters/sei load.c, мультимедийной платформы GPAC связана с разыменованием нулевого указателя. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании за счет аварийного завершения...

The vulnerability of the multimedia platform GPAC, related to the assignment of the NULL pointer, allows a perpetrator to trigger a service failure.

The vulnerability of the multimedia platform GPAC is related to the assignment of the NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the gf_hevc_read_sps_bs_internal function in the MP4Box module of the GPAC multimedia platform allows a hacker to execute arbitrary code.

The vulnerability of the gfhevcreadspsbsinternal function in the MP4Box module of the GPAC multimedia platform is related to integer overflow. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

ROS-20250424-04

The GPAC multimedia platform vulnerability involves uncontrolled resource consumption. Exploitation The vulnerability could allow an attacker to cause a denial of service A vulnerability in a function in gfm2tsprocesspmt of the GPAC multimedia platform is related to buffer copying without checkin...

The vulnerability of the `gf_opus_parse_packet_header` function in the `media_tools/av_parsers.c` file, implemented by the MP4Box packaging tool for the GPAC multimedia platform, allows a hacker to trigger a service failure.

The vulnerability of the gfopusparsepacketheader function in the mediatools/avparsers.c file, belonging to the MP4Box packaging tool of the GPAC multimedia platform, is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow a remote attacker to cause a service...

The vulnerability of the dasher_configure_pid() function on the GPAC multimedia platform allows a intruder to trigger a service failure.

The vulnerability of the dasherconfigurepid function on the GPAC multimedia platform is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

ROS-20240923-03

A vulnerability in the gffilterpidpidmergepropertiesinternal function of the GPAC multimedia platform, related to a The lack of memory release after an effective lifetime. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service Vulnerability in the...

ROS-20240902-06

Vulnerability of swfgetstring function of GPAC multimedia platform, is related to the operation exceeding the boundaries of the buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information Vulnerability in the gfdashsetupperio...

ROS-20240808-01

A vulnerability in the gfm2tsprocesssdt function of the GPAC multimedia platform is related to a buffer overflow in the heap. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the gffwrite component of the GPAC Multimedia Platform is...

GPAC Resource Management Error Vulnerability

GPAC is an open source multimedia framework. A resource management error vulnerability exists in GPAC version 2.5-DEV-rev228-g11067ea92-master, which stems from mishandling of related functions, leading to reuse after release...

ROS-20240412-05

A vulnerability in the gfisomnewgenericsampledescription function of the GPAC multimedia platform is related to the buffer copying without checking the input size. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

The vulnerability in the `src/media_tools/avilib.c` file of the multimedia platform GPAC allows a hacker to execute arbitrary code.

The vulnerability in the src/mediatools/avilib.c file of the multimedia platform GPAC is related to the ability to write beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...