CVE-2019-20632

An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid pointer dereference in gfodfdeletedescriptor in odf/descprivate.c that can cause a denial of service via a crafted MP4 file...

CVE-2022-43254

GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain a memory leak via the component gflistnew at utils/list.c...

ROS-20250430-03

A vulnerability in the GPAC multimedia platform is related to a heap buffer overflow in the isomedia/sampledescs.c:1799, in gfisomnewmphadescription in gpac/MP4Box. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the GPAC multimedia platfo...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : GPAC vulnerabilities (USN-7320-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7320-1 advisory. It was discovered that the GPAC MP4Box utility incorrectly handled certain AC3 files, which...

USN-7320-1: GPAC vulnerabilities

It was discovered that the GPAC MP4Box utility incorrectly handled certain AC3 files, which could lead to an out-of-bounds read. A remote attacker could use this issue to cause MP4Box to crash, resulting in a denial of service system crash. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24....

GLSA-202408-21 : GPAC: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202408-21 GPAC: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in GPAC. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from th...