Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.

Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.

Heap Buffer Overflow vulnerability in GPAC version 2.3-DEV-rev617-g671976fcc-master, allows attackers to execute arbitrary code and cause a denial of service (DoS) via str2ulong class in src/media_tools/avilib.c in gpac/MP4Box.

gpac 2.3-DEV-rev617-g671976fcc-master contains memory leaks in gf_mpd_resolve_url media_tools/mpd.c:4589.

GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leaks in extract_attributes media_tools/m3u8.c:329.

GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leak in gf_mpd_parse_string media_tools/mpd.c:75.

MP4Box GPAC v2.3-DEV-rev617-g671976fcc-master was discovered to contain a memory leak in the function gf_isom_add_chapter at /isomedia/isom_write.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.

Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3.0-DEV.

Denial of Service in GitHub repository gpac/gpac prior to 2.3.0-DEV.

NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3.0-DEV.

Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.4.0.

Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to v2.3.0-DEV.

Off-by-one Error in GitHub repository gpac/gpac prior to v2.3.0-DEV.

Buffer Over-read in GitHub repository gpac/gpac prior to v2.3.0-DEV.

GPAC 2.1-DEV-rev87-g053aae8-master. has a Null Pointer Dereference vulnerability in gf_isom_parse_movie_boxes_internal due to improper return value handling of GF_SKIP_BOX, which causes a Denial of Service. This vulnerability was fixed in commit 37592ad.

In GPAC 2.1-DEV-rev87-g053aae8-master, function BS_ReadByte() in utils/bitstream.c has a failed assertion, which causes a Denial of Service. This vulnerability was fixed in commit 9ea93a2.