) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:gpac:gpac:2.3:2.3-dev-rev449-g5948e4f70-master:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2024-22749 |
GPAC v2.3 was detected to contain a buffer overflow via the function gf_isom_new_generic_sample_description function in the isomedia/isom_write.c:4577 Published: January 25, 2024; 11:15:09 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2024-0322 |
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. Published: January 08, 2024; 8:15:09 AM -0500 |
V4.0:(not available) V3.1: 9.1 CRITICAL V2.0:(not available) |
| CVE-2024-0321 |
Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV. Published: January 08, 2024; 8:15:09 AM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
| CVE-2023-46871 |
GPAC version 2.3-DEV-rev602-ged8424300-master in MP4Box contains a memory leak in NewSFDouble scenegraph/vrml_tools.c:300. This vulnerability may lead to a denial of service. Published: December 07, 2023; 1:15:08 PM -0500 |
V4.0:(not available) V3.1: 5.3 MEDIUM V2.0:(not available) |
| CVE-2023-5998 |
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3.0-DEV. Published: November 07, 2023; 2:15:12 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2023-5595 |
Denial of Service in GitHub repository gpac/gpac prior to 2.3.0-DEV. Published: October 16, 2023; 5:15:12 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-5586 |
NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3.0-DEV. Published: October 14, 2023; 9:15:09 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-4778 |
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. Published: September 05, 2023; 12:15:08 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-4722 |
Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.3-DEV. Published: September 01, 2023; 12:15:08 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-4721 |
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. Published: September 01, 2023; 12:15:08 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-4720 |
Floating Point Comparison with Incorrect Operator in GitHub repository gpac/gpac prior to 2.3-DEV. Published: September 01, 2023; 12:15:08 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-4683 |
NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3-DEV. Published: August 31, 2023; 12:15:10 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-39562 |
GPAC v2.3-DEV-rev449-g5948e4f70-master was discovered to contain a heap-use-after-free via the gf_bs_align function at bitstream.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted file. Published: August 28, 2023; 3:15:07 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-1655 |
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.4.0. Published: March 27, 2023; 11:15:08 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-0819 |
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to v2.3.0-DEV. Published: February 13, 2023; 5:15:13 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-0818 |
Off-by-one Error in GitHub repository gpac/gpac prior to v2.3.0-DEV. Published: February 13, 2023; 5:15:13 PM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-0817 |
Buffer Over-read in GitHub repository gpac/gpac prior to v2.3.0-DEV. Published: February 13, 2023; 5:15:13 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2022-29340 |
GPAC 2.1-DEV-rev87-g053aae8-master. has a Null Pointer Dereference vulnerability in gf_isom_parse_movie_boxes_internal due to improper return value handling of GF_SKIP_BOX, which causes a Denial of Service. This vulnerability was fixed in commit 37592ad. Published: May 05, 2022; 9:15:07 AM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2022-29339 |
In GPAC 2.1-DEV-rev87-g053aae8-master, function BS_ReadByte() in utils/bitstream.c has a failed assertion, which causes a Denial of Service. This vulnerability was fixed in commit 9ea93a2. Published: May 05, 2022; 9:15:07 AM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |