pkg:Debian/gpac
364 total CVEsCRITICAL14HIGH132MEDIUM211LOW6
✅ Check your installed version
All known vulnerabilities
- CRITICAL9.8CVE-2023-46427An issue was discovered in gpac version 2.3-DEV-rev588-g7edc40fee-master, allows remote attackers to execute arbitrary code, cause a denial…from 0
- CRITICAL9.8CVE-2024-0321Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.from 0
- CRITICAL9.8CVE-2023-46932Heap Buffer Overflow vulnerability in GPAC version 2.3-DEV-rev617-g671976fcc-master, allows attackers to execute arbitrary code and cause a…from 0
- from 0
- CRITICAL9.8CVE-2022-36190GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerability in function gf_isom_dovi_config_get.from 0, < 1.0.1+dfsg1-4+deb11u2
- from 0, < 1.0.1+dfsg1-4+deb11u2
- CRITICAL9.8CVE-2021-28300NULL Pointer Dereference in the "isomedia/track.c" module's "MergeTrack()" function of GPAC v0.5.2 allows attackers to execute arbitrary co…from 0, < 1.0.1+dfsg1-4
- CRITICAL9.8CVE-2020-11558An issue was discovered in libgpac.a in GPAC 0.8.0, as demonstrated by MP4Box.from 0, < 1.0.1+dfsg1-2
- from 0, < 0.5.2-426-gc5ad4e4+dfsg5-4.1
- from 0, < 0.5.0+svn5324~dfsg1-1+deb8u1
- from 0, < 0.5.2-426-gc5ad4e4+dfsg5-4.1
- from 0
- from 0
- from 0, < 1.0.1+dfsg1-2
- HIGH8.8CVE-2023-46426Heap-based Buffer Overflow vulnerability in gpac version 2.3-DEV-rev588-g7edc40fee-master, allows remote attackers to execute arbitrary cod…from 0
- HIGH8.8CVE-2023-0841A vulnerability, which was classified as critical, has been found in GPAC 2.3-DEV-rev40-g3602a5ded.from 0
- HIGH8.8CVE-2022-4202A vulnerability, which was classified as problematic, was found in GPAC 2.1-DEV-rev490-g68064e101-master.from 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH8.8CVE-2021-21850An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content libra…from 0, < 1.0.1+dfsg1-4+deb11u1
- HIGH8.8CVE-2021-21849An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content libra…from 0, < 1.0.1+dfsg1-4+deb11u1
- HIGH8.8CVE-2021-21848An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content libra…from 0, < 1.0.1+dfsg1-4+deb11u1
- HIGH8.8CVE-2021-21842An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content libra…from 0, < 1.0.1+dfsg1-4+deb11u1
- HIGH8.8CVE-2021-21841An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content libra…from 0, < 1.0.1+dfsg1-4+deb11u1
- HIGH8.8CVE-2021-21840An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content libra…from 0, < 1.0.1+dfsg1-4+deb11u1
- HIGH8.8CVE-2021-21836An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content libra…from 0, < 1.0.1+dfsg1-4+deb11u1
- from 0, < 1.0.1+dfsg1-4+deb11u1
- from 0, < 1.0.1+dfsg1-4+deb11u1
- HIGH8.8CVE-2021-21858Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Conten…from 0, < 1.0.1+dfsg1-4+deb11u1
- HIGH8.8CVE-2021-21857Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Conten…from 0, < 1.0.1+dfsg1-4+deb11u1
- HIGH8.8CVE-2021-21855Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Conten…from 0, < 1.0.1+dfsg1-4+deb11u1
- HIGH8.8CVE-2021-21854Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Conten…from 0, < 1.0.1+dfsg1-4+deb11u1
- HIGH8.8CVE-2021-21853Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Conten…from 0, < 1.0.1+dfsg1-4+deb11u1
- HIGH8.8CVE-2021-21852Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Conten…from 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH8.8CVE-2021-21847Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Conten…from 0, < 1.0.1+dfsg1-4+deb11u1
- HIGH8.8CVE-2021-21846Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Conten…from 0, < 1.0.1+dfsg1-4+deb11u1
- HIGH8.8CVE-2021-21845Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Conten…from 0, < 1.0.1+dfsg1-4+deb11u1
- HIGH8.8CVE-2021-21844Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Conten…from 0, < 1.0.1+dfsg1-4+deb11u1
- HIGH8.8CVE-2021-21843Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Conten…from 0, < 1.0.1+dfsg1-4+deb11u1
- HIGH8.8CVE-2021-21839Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Conten…from 0, < 1.0.1+dfsg1-4+deb11u1
- HIGH8.8CVE-2021-21838Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Conten…from 0, < 1.0.1+dfsg1-4+deb11u1
- HIGH8.8CVE-2021-21837Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Conten…from 0, < 1.0.1+dfsg1-4+deb11u1
- HIGH8.8CVE-2021-21861An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content lib…from 0, < 1.0.1+dfsg1-4+deb11u1
- HIGH8.8CVE-2021-21860An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content lib…from 0, < 1.0.1+dfsg1-4+deb11u1
- HIGH8.8CVE-2021-21859An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content lib…from 0, < 1.0.1+dfsg1-4+deb11u1
- HIGH8.4CVE-2025-25723Buffer Overflow vulnerability in GPAC version 2.5 allows a local attacker to execute arbitrary code.from 0
- HIGH8.2CVE-2025-70298GPAC v2.4.0 was discovered to contain an out-of-bounds read in the oggdmx_parse_tags function.from 0
- from 0
- from 0
- from 0
- HIGH7.8CVE-2022-47090GPAC MP4box 2.1-DEV-rev574-g9d5bb184b contains a buffer overflow in gf_vvc_read_pps_bs_internal function of media_tools/av_parsers.c, check…from 0
- HIGH7.8CVE-2024-50664gpac 2.4 contains a heap-buffer-overflow at isomedia/sample_descs.c:1799 in gf_isom_new_mpha_description in gpac/MP4Box.from 0
- HIGH7.8CVE-2024-22749GPAC v2.3 was detected to contain a buffer overflow via the function gf_isom_new_generic_sample_description function in the isomedia/isom_w…from 0
- HIGH7.8CVE-2023-48014GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a stack overflow via the hevc_parse_vps_extension function at /media_tools…from 0
- HIGH7.8CVE-2023-48013GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a double free via the gf_filterpacket_del function at /gpac/src/filter_cor…from 0
- HIGH7.8CVE-2023-48011GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a heap-use-after-free via the flush_ref_samples function at /gpac/src/isom…from 0
- from 0
- from 0
- from 0, < 1.0.1+dfsg1-4+deb11u2
- from 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH7.8CVE-2023-1449A vulnerability has been found in GPAC 2.3-DEV-rev35-gbbca86917-master and classified as problematic.from 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH7.8CVE-2023-1448A vulnerability, which was classified as problematic, was found in GPAC 2.3-DEV-rev35-gbbca86917-master.from 0, < 1.0.1+dfsg1-4+deb11u2
- from 0, < 1.0.1+dfsg1-4+deb11u2
- from 0, < 1.0.1+dfsg1-4+deb11u2
- from 0, < 1.0.1+dfsg1-4+deb11u2
- from 0, < 1.0.1+dfsg1-4+deb11u3
- from 0, < 1.0.1+dfsg1-4+deb11u3
- HIGH7.8CVE-2023-23145GPAC version 2.2-rev0-gab012bbfb-master was discovered to contain a memory leak in lsr_read_rare_full function.from 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH7.8CVE-2023-23143Buffer overflow vulnerability in function avc_parse_slice in file media_tools/av_parsers.c.from 0, < 1.0.1+dfsg1-4+deb11u2
- from 0
- HIGH7.8CVE-2022-47663GPAC MP4box 2.1-DEV-rev649-ga8f438d20 is vulnerable to buffer overflow in h263dmx_process filters/reframe_h263.c:609from 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH7.8CVE-2022-47661GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 is vulnerable to Buffer Overflow via media_tools/av_parsers.c:4988 in gf_media_nalu_add_emulation_byt…from 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH7.8CVE-2022-47660GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is has an integer overflow in isomedia/isom_write.cfrom 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH7.8CVE-2022-47659GPAC MP4box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to Buffer Overflow in gf_bs_read_datafrom 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH7.8CVE-2022-47657GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to buffer overflow in function hevc_parse_vps_extension of media_tools/av_parsers.c:7662from 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH7.8CVE-2022-47654GPAC MP4box 2.1-DEV-rev593-g007bf61a0 is vulnerable to Buffer Overflow in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c…from 0
- HIGH7.8CVE-2022-47095GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer overflow in hevc_parse_vps_extension function of media_tools/av_parsers.cfrom 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH7.8CVE-2022-47094GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Null pointer dereference via filters/dmx_m2ts.c:343 in m2tsdmx_declare_pidfrom 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH7.8CVE-2022-47093GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to heap use-after-free via filters/dmx_m2ts.c:470 in m2tsdmx_declare_pidfrom 0
- HIGH7.8CVE-2022-47091GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow in gf_text_process_sub function of filters/load_text.cfrom 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH7.8CVE-2022-45283GPAC MP4box v2.0.0 was discovered to contain a stack overflow in the smil_parse_time_list parameter at /scenegraph/svg_attributes.c.from 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH7.8CVE-2022-45343GPAC v2.1-DEV-rev478-g696e6f868-master was discovered to contain a heap use-after-free via the Q_IsTypeOn function at /gpac/src/bifs/unquan…from 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH7.8CVE-2022-45202GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a stack overflow via the function dimC_box_read at isomedia/box_code_3gpp.…from 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH7.8CVE-2022-43042GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a heap buffer overflow via the function FixSDTPInTRAF at isomedia/isom_inte…from 0
- HIGH7.8CVE-2022-38530GPAC v2.1-DEV-rev232-gfcaa01ebb-master was discovered to contain a stack overflow when processing ISOM_IOD.from 0, < 1.0.1+dfsg1-4+deb11u2
- from 0, < 1.0.1+dfsg1-4+deb11u2
- from 0
- HIGH7.8CVE-2022-1441MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion.from 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH7.8CVE-2022-24578GPAC 1.0.1 is affected by a heap-based buffer overflow in SFS_AddString () at bifs/script_dec.c.from 0, < 1.0.1+dfsg1-4+deb11u2
- from 0, < 1.0.1+dfsg1-4+deb11u2
- from 0
- from 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH7.8CVE-2021-40574The binary MP4Box in Gpac from 0.9.0-preview to 1.0.1 has a double-free vulnerability in the gf_text_get_utf8_line function in load_text.c,…from 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH7.8CVE-2021-40571The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the ilst_box_read function in box_code_apple.c, which allows attackers t…from 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH7.8CVE-2021-40570The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the avc_compute_poc function in av_parsers.c, which allows attackers to…from 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH7.8CVE-2021-40568A buffer overflow vulnerability exists in Gpac through 1.0.1 via a malformed MP4 file in the svc_parse_slice function in av_parsers.c, whic…from 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH7.8CVE-2021-36417A heap-based buffer overflow vulnerability exists in GPAC v1.0.1 in the gf_isom_dovi_config_get function in MP4Box, which causes a denial o…from 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH7.8CVE-2021-36414A heab-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via media.c, which allows attackers to cause a denial of service…from 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH7.8CVE-2021-36412A heap-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via the gp_rtp_builder_do_mpeg12_video function, which allows att…from 0, < 1.0.1+dfsg1-4+deb11u2
- from 0, < 1.0.1+dfsg1-2
- HIGH7.8CVE-2021-32268Buffer overflow vulnerability in function gf_fprintf in os_file.c in gpac before 1.0.1 allows attackers to execute arbitrary code.from 0, < 1.0.1+dfsg1-2
- HIGH7.8CVE-2021-33362Stack buffer overflow in the hevc_parse_vps_extension function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or exe…from 0
- HIGH7.8CVE-2021-32136Heap buffer overflow in the print_udta function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary…from 0
- HIGH7.8CVE-2021-32439Buffer overflow in the stbl_AppendSize function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary…from 0
- from 0, < 1.0.1+dfsg1-4
- from 0, < 1.0.1+dfsg1-4
- from 0, < 1.0.1+dfsg1-4+deb11u2
- from 0, < 1.0.1+dfsg1-4+deb11u2
- from 0, < 1.0.1+dfsg1-4
- HIGH7.8CVE-2021-29279There is a integer overflow in function filter_core/filter_props.c:gf_props_assign_value in GPAC 1.0.1.from 0, < 1.0.1+dfsg1-4
- HIGH7.8CVE-2021-31255Buffer overflow in the abst_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary co…from 0, < 1.0.1+dfsg1-4
- from 0, < 1.0.1+dfsg1-2
- HIGH7.8CVE-2019-11222gf_bin128_parse in utils/os_divers.c in GPAC 0.7.1 has a buffer overflow issue for the crypt feature when encountering a crafted_drm_file.x…from 0, < 0.5.2-426-gc5ad4e4+dfsg5-5
- from 0, < 0.5.2-426-gc5ad4e4+dfsg5-5
- from 0, < 0.5.0+svn5324~dfsg1-1+deb8u3
- HIGH7.8CVE-2018-20763In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because of…from 0, < 0.5.2-426-gc5ad4e4+dfsg5-4.1
- HIGH7.8CVE-2018-20762GPAC version 0.7.1 and earlier has a buffer overflow vulnerability in the cat_multiple_files function in applications/mp4box/fileimport.c w…from 0, < 0.5.2-426-gc5ad4e4+dfsg5-4.1
- HIGH7.8CVE-2018-20761GPAC version 0.7.1 and earlier has a Buffer Overflow vulnerability in the gf_sm_load_init function in scene_manager.c in libgpac_static.a.from 0, < 0.5.2-426-gc5ad4e4+dfsg5-4.1
- from 0, < 0.5.2-426-gc5ad4e4+dfsg5-4.1
- from 0, < 0.5.0+svn5324~dfsg1-1+deb8u2
- HIGH7.8CVE-2018-7752GPAC through 0.7.1 has a Buffer Overflow in the gf_media_avc_read_sps function in media_tools/av_parsers.c, a different vulnerability than…from 0, < 0.5.2-426-gc5ad4e4+dfsg5-4.1
- from 0
- HIGH7.5CVE-2025-70307A stack overflow in the dump_ttxt_sample function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted packet.from 0
- HIGH7.5CVE-2025-70308An out-of-bounds read in the GSF demuxer filter component of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted…from 0
- HIGH7.5CVE-2025-70304A buffer overflow in the vobsub_get_subpic_duration() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a cra…from 0
- HIGH7.5CVE-2024-24267gpac v2.2.1 (fixed in v2.4.0) was discovered to contain a memory leak via the gfio_blob variable in the gf_fileio_from_blob function.from 0
- HIGH7.5CVE-2024-24266gpac v2.2.1 was discovered to contain a Use-After-Free (UAF) vulnerability via the dasher_configure_pid function at /src/filters/dasher.c.from 0
- HIGH7.5CVE-2024-24265gpac v2.2.1 was discovered to contain a memory leak via the dst_props variable in the gf_filter_pid_merge_properties_internal function.from 0
- from 0
- from 0
- from 0
- HIGH7.5CVE-2022-29339In GPAC 2.1-DEV-rev87-g053aae8-master, function BS_ReadByte() in utils/bitstream.c has a failed assertion, which causes a Denial of Service.from 0
- HIGH7.5CVE-2021-45266A null pointer dereference vulnerability exists in gpac 1.1.0 via the lsr_read_anim_values_ex function, which causes a segmentation fault a…from 0
- HIGH7.5CVE-2021-41459There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1008 in the nhmldmx_send_sample() function szXmlFrom parameter…from 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH7.5CVE-2021-41457There is a stack buffer overflow in MP4Box 1.1.0 at src/filters/dmx_nhml.c in nhmldmx_init_parsing which leads to a denial of service vulne…from 0, < 1.0.1+dfsg1-4+deb11u2
- HIGH7.5CVE-2021-41456There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1004 in the nhmldmx_send_sample() function szXmlTo parameter wh…from 0, < 1.0.1+dfsg1-4+deb11u2
- from 0, < 1.0.1+dfsg1-2
- HIGH7.5CVE-2019-13618In GPAC before 0.8.0, isomedia/isom_read.c in libgpac.a has a heap-based buffer over-read, as demonstrated by a crash in gf_m2ts_sync in me…from 0, < 1.0.1+dfsg1-2
- from 0, < 1.0.1+dfsg1-2
- HIGH7.1CVE-2024-28318gpac 2.3-DEV-rev921-g422b78ecf-master was discovered to contain a out of boundary write vulnerability via swf_get_string at scene_manager/s…from 0
- HIGH7.1CVE-2023-48090GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leaks in extract_attributes media_tools/m3u8.c:329.from 0
- from 0
- from 0
- from 0
- HIGH7.1CVE-2022-30976GPAC 2.0.0 misuses a certain Unicode utf8_wcslen (renamed gf_utf8_wcslen) function in utils/utf.c, resulting in a heap-based buffer over-re…from 0
- from 0, < 1.0.1+dfsg1-2
- from 0, < 1.0.1+dfsg1-2
- from 0, < 1.0.1+dfsg1-2
- MEDIUM6.5CVE-2025-70299A heap overflow in the avi_parse_input_file() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted AVI…from 0
- from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM6.5CVE-2018-21016audio_sample_entry_AddBox() at isomedia/box_code_base.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (heap-based buff…from 0, < 1.0.1+dfsg1-2
- from 0, < 1.0.1+dfsg1-2
- from 0, < 0.5.0+svn5324~dfsg1-1+deb8u5
- from 0
- MEDIUM6.2CVE-2024-28319gpac 2.3-DEV-rev921-g422b78ecf-master was discovered to contain an out of boundary read vulnerability via gf_dash_setup_period media_tools/…from 0
- MEDIUM5.5CVE-2025-60495A segmentation violation in the gf_media_get_color_info function (/media_tools/isom_tools.c) of GPAC Project/MP4Box before 26.02.0 allows a…from 0
- MEDIUM5.5CVE-2025-60486A heap use-after-free in the dasher_process function (/filters/dasher.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a…from 0
- MEDIUM5.5CVE-2025-60485A segmentation violation in the gf_isom_apple_set_tag_ex function (/isomedia/isom_write.c) of GPAC Project/MP4Box before 26.02.0 allows att…from 0
- MEDIUM5.5CVE-2025-60483A NULL pointer dereference in the gf_ac4_pres_b_4_back_channels_present function (/media_tools/av_parsers.c) of GPAC Project/MP4Box before…from 0
- MEDIUM5.5CVE-2025-60481A NULL pointer dereference in the gf_odf_ac4_cfg_dsi_v1 function (/odf/descriptors.c) of GPAC Project/MP4Box before 26.02.0 allows attacker…from 0
- MEDIUM5.5CVE-2025-55664A heap buffer overflow in the m2tsdmx_send_packet function (filters/dmx_m2ts.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of S…from 0
- from 0
- MEDIUM5.5CVE-2026-39103Buffer Overflow vulnerability in GPAC before commit v391dc7f4d234988ea0bc3cc294eb725eddf8f702 allows an attacker to cause a denial of servi…from 0
- MEDIUM5.5CVE-2025-70303A heap overflow in the uncv_parse_config() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 fi…from 0
- MEDIUM5.5CVE-2025-70302A heap overflow in the ghi_dmx_declare_opid_bin() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted…from 0
- MEDIUM5.5CVE-2025-70310A heap overflow in the vorbis_to_intern() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted .ogg fi…from 0
- MEDIUM5.5CVE-2025-70309A stack overflow in the pcmreframe_flush_packet function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted W…from 0
- MEDIUM5.5CVE-2025-70305A stack overflow in the dmx_saf function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted .saf file.from 0
- from 0, < 1.0.1+dfsg1-2
- MEDIUM5.5CVE-2024-50665gpac 2.4 contains a SEGV at src/isomedia/drm_sample.c:1562:96 in isom_cenc_get_sai_by_saiz_saio in MP4Box.from 0
- MEDIUM5.5CVE-2023-4679A use after free vulnerability exists in GPAC version 2.3-DEV-revrelease, specifically in the gf_filterpacket_del function in filter_core/f…from 0
- from 0
- from 0
- MEDIUM5.5CVE-2024-6062A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic.from 0
- MEDIUM5.5CVE-2024-6061A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic.from 0
- MEDIUM5.5CVE-2023-47465An issue in GPAC v.2.2.1 and before allows a local attacker to cause a denial of service (DoS) via the ctts_box_read function of file src/i…from 0
- MEDIUM5.5CVE-2023-48958gpac 2.3-DEV-rev617-g671976fcc-master contains memory leaks in gf_mpd_resolve_url media_tools/mpd.c:4589.from 0
- MEDIUM5.5CVE-2023-48039GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leak in gf_mpd_parse_string media_tools/mpd.c:75.from 0
- MEDIUM5.5CVE-2023-47384MP4Box GPAC v2.3-DEV-rev617-g671976fcc-master was discovered to contain a memory leak in the function gf_isom_add_chapter at /isomedia/isom…from 0
- MEDIUM5.5CVE-2023-46001Buffer Overflow vulnerability in gpac MP4Box v.2.3-DEV-rev573-g201320819-master allows a local attacker to cause a denial of service via th…from 0
- MEDIUM5.5CVE-2023-46928GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gf_media_change_pl /afltest/gpac/src/media_tools/isom_tools.c:3293:…from 0
- MEDIUM5.5CVE-2023-46927GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in gf_isom_use_compact_size gpac/src/isomedia/isom_write.c:3403:3 in…from 0
- MEDIUM5.5CVE-2023-46931GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in ffdmx_parse_side_data /afltest/gpac/src/filters/ff_dmx.c:202:14 in…from 0
- MEDIUM5.5CVE-2023-46930GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gf_isom_find_od_id_for_track /afltest/gpac/src/isomedia/media_odf.c…from 0
- from 0
- MEDIUM5.5CVE-2023-42298An issue in GPAC GPAC v.2.2.1 and before allows a local attacker to cause a denial of service via the Q_DecCoordOnUnitSphere function of fi…from 0
- MEDIUM5.5CVE-2023-41000GPAC through 2.2.1 has a use-after-free vulnerability in the function gf_bifs_flush_command_list in bifs/memory_decoder.c.from 0
- from 0
- from 0
- from 0
- from 0
- from 0
- MEDIUM5.5CVE-2023-4722Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.3-DEV.from 0
- from 0
- MEDIUM5.5CVE-2023-4720Floating Point Comparison with Incorrect Operator in GitHub repository gpac/gpac prior to 2.3-DEV.from 0
- from 0
- from 0
- from 0
- from 0
- MEDIUM5.5CVE-2023-39562GPAC v2.3-DEV-rev449-g5948e4f70-master was discovered to contain a heap-use-after-free via the gf_bs_align function at bitstream.c.from 0
- MEDIUM5.5CVE-2023-37767GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the BM_ParseIndexValueReplace function at /lib…from 0
- MEDIUM5.5CVE-2023-37766GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the gf_isom_remove_user_data function at /lib/…from 0
- MEDIUM5.5CVE-2023-37765GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the gf_dump_vrml_sffield function at /lib/libg…from 0
- MEDIUM5.5CVE-2023-37174GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the dump_isom_scene function at /mp4box/filedu…from 0
- from 0
- from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2023-23144Integer overflow vulnerability in function Q_DecCoordOnUnitSphere file bifs/unquantize.c in GPAC version 2.2-rev0-gab012bbfb-master.from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2022-47662GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 has a segment fault (/stack overflow) due to infinite recursion in Media_GetSample isomedia/media.c:6…from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2022-47086GPAC MP4Box v2.1-DEV-rev574-g9d5bb184b contains a segmentation violation via the function gf_sm_load_init_swf at scene_manager/swf_parse.cfrom 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2022-46490GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the afrt_box_read function at box_code_adobe.c.from 0
- MEDIUM5.5CVE-2022-46489GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the gf_isom_box_parse_ex function at box_funcs.c.from 0
- MEDIUM5.5CVE-2022-43255GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain a memory leak via the component gf_odf_new_iod at odf/odf_code.c.from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2022-43254GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain a memory leak via the component gf_list_new at utils/list.c.from 0
- MEDIUM5.5CVE-2022-43045GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_dump_vrml_sffield at /scene_ma…from 0
- MEDIUM5.5CVE-2022-43044GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_isom_get_meta_item_info at /is…from 0
- MEDIUM5.5CVE-2022-43043GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function BD_CheckSFTimeOffset at /bifs/fie…from 0
- from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2022-36191A heap-buffer-overflow had occurred in function gf_isom_dovi_config_get of isomedia/avc_ext.c:2490, as demonstrated by MP4Box.from 0, < 1.0.1+dfsg1-4+deb11u2
- from 0
- MEDIUM5.5CVE-2021-40944In GPAC MP4Box 1.1.0, there is a Null pointer reference in the function gf_filter_pid_get_packet function in src/filter_core/filter_pid.c:5…from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-40609The GetHintFormat function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-40608The gf_hinter_track_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-40607The schm_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.from 0
- MEDIUM5.5CVE-2021-40606The gf_bs_write_data function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-40942In GPAC MP4Box v1.1.0, there is a heap-buffer-overflow in the function filter_parse_dyn_args function in filter_core/filter.c:1454, as demo…from 0
- MEDIUM5.5CVE-2021-41458In GPAC MP4Box v1.1.0, there is a stack buffer overflow at src/utils/error.c:1769 which leads to a denial of service vulnerability.from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-40592GPAC version before commit 71460d72ec07df766dab0a4d52687529f3efcf0a (version v1.0.1 onwards) contains loop with unreachable exit condition…from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2022-29537gp_rtp_builder_do_hevc in ietf/rtp_pck_mpeg4.c in GPAC 2.0.0 has a heap-based buffer over-read, as demonstrated by MP4Box.from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2022-27147GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a use-after-free vulnerability in function gf_node_get_attribute_by_tag.from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2022-27145GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a stack-overflow vulnerability in function gf_isom_get_sample_for_movie_time of mp4box.from 0, < 1.0.1+dfsg1-4+deb11u2
- from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2022-1035Segmentation Fault caused by MP4Box -lsr in GitHub repository gpac/gpac prior to 2.1.0-DEV.from 0, < 1.0.1+dfsg1-4+deb11u2
- from 0
- MEDIUM5.5CVE-2022-24574GPAC 1.0.1 is affected by a NULL pointer dereference in gf_dump_vrml_field.isra ().from 0, < 1.0.1+dfsg1-4+deb11u2
- from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-46313The binary MP4Box in GPAC v1.0.1 was discovered to contain a segmentation fault via the function __memmove_avx_unaligned_erms ().from 0
- MEDIUM5.5CVE-2021-46311A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_sg_destroy_routes () at scenegraph/vrml_route.c.from 0
- MEDIUM5.5CVE-2021-46240A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_dump_vrml_sffield () at scene_manager/scene_dump.c.from 0
- MEDIUM5.5CVE-2021-46239The binary MP4Box in GPAC v1.1.0 was discovered to contain an invalid free vulnerability via the function gf_free () at utils/alloc.c.from 0
- MEDIUM5.5CVE-2021-46238GPAC v1.1.0 was discovered to contain a stack overflow via the function gf_node_get_name () at scenegraph/base_scenegraph.c.from 0
- MEDIUM5.5CVE-2021-46237An untrusted pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_node_unregister () at scenegraph/base_scenegraph.c.from 0
- MEDIUM5.5CVE-2021-46236A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_sg_vrml_field_pointer_del () at scenegraph/vrml_tools.c.from 0
- MEDIUM5.5CVE-2021-46234A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_node_unregister () at scenegraph/base_scenegraph.c.from 0
- MEDIUM5.5CVE-2021-45767GPAC 1.1.0 was discovered to contain an invalid memory address dereference via the function lsr_read_id().from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-45764GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function shift_chunk_offsets.isra().from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-45763GPAC v1.1.0 was discovered to contain an invalid call in the function gf_node_changed().from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-45762GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_sg_vrml_mf_reset().from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-45760GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_list_last().from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-40576The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the gf_isom_get_payt_count function in hint_track.c, which…from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-40575The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the mpgviddmx_process function in reframe_mpgvid.c, which a…from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-40573The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the gf_list_del function in list.c, which allows attackers to cause a de…from 0
- MEDIUM5.5CVE-2021-40572The binary MP4Box in Gpac 1.0.1 has a double-free bug in the av1dmx_finalize function in reframe_av1.c, which allows attackers to cause a d…from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-40569The binary MP4Box in Gpac through 1.0.1 has a double-free vulnerability in the iloc_entry_del funciton in box_code_meta.c, which allows att…from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-40567Segmentation fault vulnerability exists in Gpac through 1.0.1 via the gf_odf_size_descriptor function in desc_private.c when using mp4box,…from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-40566A Segmentation fault casued by heap use after free vulnerability exists in Gpac through 1.0.1 via the mpgviddmx_process function in reframe…from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-40565A Segmentation fault caused by a null pointer dereference vulnerability exists in Gpac through 1.0.1 via the gf_avc_parse_nalu function in…from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-40564A Segmentation fault caused by null pointer dereference vulnerability eists in Gpac through 1.0.2 via the avc_parse_slice function in av_pa…from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-40563A Segmentation fault exists casued by null pointer dereference exists in Gpac through 1.0.1 via the naludmx_create_avc_decoder_config funct…from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-40562A Segmentation fault caused by a floating point exception exists in Gpac through 1.0.1 using mp4box via the naludmx_enqueue_or_dispatch fun…from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-40559A null pointer deference vulnerability exists in gpac through 1.0.1 via the naludmx_parse_nal_avc function in reframe_nalu, which allows a…from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2020-25427A Null pointer dereference vulnerability exits in MP4Box - GPAC version 0.8.0-rev177-g51a8ef874-master via the gf_isom_get_track_id functio…from 0, < 1.0.1+dfsg1-2
- MEDIUM5.5CVE-2021-46051A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the Media_IsSelfContained function, which could cause a Denial of Service.from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-46049A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the gf_fileio_check function, which could cause a Denial of Service.from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-46047A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the gf_hinter_finalize function.from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-46046A Pointer Derefernce Vulnerbility exists GPAC 1.0.1 the gf_isom_box_size function, which could cause a Denial of Service (context-dependent…from 0, < 1.0.1+dfsg1-4+deb11u2
- from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-46044A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1via ShiftMetaOffset.isra, which causes a Denial of Service (context-dependent).from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-46043A Pointer Dereference Vulnerability exits in GPAC 1.0.1 in the gf_list_count function, which causes a Denial of Service.from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-46042A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the _fseeko function, which causes a Denial of Service.from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-46041A Segmentation Fault Vulnerability exists in GPAC 1.0.1 via the co64_box_new function, which causes a Denial of Service.from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-46040A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1 via the finplace_shift_moov_meta_offsets function, which causes a Denial of Servie…from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-46039A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1 via the shift_chunk_offsets.part function, which causes a Denial of Service (contex…from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-46038A Pointer Dereference vulnerability exists in GPAC 1.0.1 in unlink_chunk.isra, which causes a Denial of Service (context-dependent).from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-45831A Null Pointer Dereference vulnerability exitgs in GPAC 1.0.1 in MP4Box via __strlen_avx2, which causes a Denial of Service.from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-45267An invalid memory address dereference vulnerability exists in gpac 1.1.0 via the svg_node_start function, which causes a segmentation fault…from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-45263An invalid free vulnerability exists in gpac 1.1.0 via the gf_svg_delete_attribute_value function, which causes a segmentation fault and ap…from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-45262An invalid free vulnerability exists in gpac 1.1.0 via the gf_sg_command_del function, which causes a segmentation fault and application cr…from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-45260A null pointer dereference vulnerability exists in gpac 1.1.0 in the lsr_read_id.part function, which causes a segmentation fault and appli…from 0
- MEDIUM5.5CVE-2021-45259An Invalid pointer reference vulnerability exists in gpac 1.1.0 via the gf_svg_node_del function, which causes a segmentation fault and app…from 0
- MEDIUM5.5CVE-2021-45258A stack overflow vulnerability exists in gpac 1.1.0 via the gf_bifs_dec_proto_list function, which causes a segmentation fault and applicat…from 0
- MEDIUM5.5CVE-2021-44927A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_sg_vrml_mf_append function, which causes a segmentation fault and a…from 0
- MEDIUM5.5CVE-2021-44926A null pointer dereference vulnerability exists in gpac 1.1.0-DEV in the gf_node_get_tag function, which causes a segmentation fault and ap…from 0
- MEDIUM5.5CVE-2021-44925A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_svg_get_attribute_name function, which causes a segmentation fault…from 0
- MEDIUM5.5CVE-2021-44924An infinite loop vulnerability exists in gpac 1.1.0 in the gf_log function, which causes a Denial of Service.from 0
- MEDIUM5.5CVE-2021-44923A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_dump_vrml_dyn_field.isra function, which causes a segmentation faul…from 0
- MEDIUM5.5CVE-2021-44922A null pointer dereference vulnerability exists in gpac 1.1.0 in the BD_CheckSFTimeOffset function, which causes a segmentation fault and a…from 0
- MEDIUM5.5CVE-2021-44921A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_isom_parse_movie_boxes_internal function, which causes a segmentati…from 0
- MEDIUM5.5CVE-2021-44920An invalid memory address dereference vulnerability exists in gpac 1.1.0 in the dump_od_to_saf.isra function, which causes a segmentation f…from 0
- MEDIUM5.5CVE-2021-44919A Null Pointer Dereference vulnerability exists in the gf_sg_vrml_mf_alloc function in gpac 1.1.0-DEV, which causes a segmentation fault an…from 0
- MEDIUM5.5CVE-2021-44918A Null Pointer Dereference vulnerability exists in gpac 1.1.0 in the gf_node_get_field function, which can cause a segmentation fault and a…from 0
- from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-45292The gf_isom_hint_rtp_read function in GPAC 1.0.1 allows attackers to cause a denial of service (Invalid memory address dereference) via a c…from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-45291The gf_dump_setup function in GPAC 1.0.1 allows malicoius users to cause a denial of service (Invalid memory address dereference) via a cra…from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-45288A Double Free vulnerability exists in filedump.c in GPAC 1.0.1, which could cause a Denail of Service via a crafted file in the MP4Box comm…from 0
- MEDIUM5.5CVE-2020-22679Memory leak in the sgpd_parse_entry function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted inpu…from 0, < 1.0.1+dfsg1-2
- from 0, < 1.0.1+dfsg1-2
- from 0, < 1.0.1+dfsg1-2
- from 0, < 1.0.1+dfsg1-2
- from 0, < 1.0.1+dfsg1-2
- MEDIUM5.5CVE-2020-22673Memory leak in the senc_Parse function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input.from 0, < 1.0.1+dfsg1-2
- from 0, < 1.0.1+dfsg1-2
- from 0, < 1.0.1+dfsg1-2
- from 0, < 1.0.1+dfsg1-2
- from 0, < 1.0.1+dfsg1-2
- MEDIUM5.5CVE-2021-33365Memory leak in the gf_isom_get_root_od function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-33363Memory leak in the infe_box_read function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-33361Memory leak in the afra_box_read function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-32139The gf_isom_vp_config_get function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted fil…from 0
- MEDIUM5.5CVE-2021-32138The DumpTrackInfo function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the…from 0
- MEDIUM5.5CVE-2021-33366Memory leak in the gf_isom_oinf_read_entry function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-33364Memory leak in the def_parent_box_new function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.from 0, < 1.0.1+dfsg1-4+deb11u2
- MEDIUM5.5CVE-2021-32135The trak_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the…from 0
- MEDIUM5.5CVE-2021-32132The abst_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the…from 0
- MEDIUM5.5CVE-2021-32137Heap buffer overflow in the URL_GetProtocolType function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute a…from 0
- MEDIUM5.5CVE-2021-32134The gf_odf_desc_copy function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in…from 0
- MEDIUM5.5CVE-2021-32440The Media_RewriteODFrame function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file…from 0
- MEDIUM5.5CVE-2021-32438The gf_media_export_filters function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted f…from 0
- MEDIUM5.5CVE-2021-32437The gf_hinter_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file i…from 0
- from 0
- MEDIUM5.5CVE-2020-24829An issue was discovered in GPAC from v0.5.2 to v0.8.0, as demonstrated by MP4Box.from 0, < 1.0.1+dfsg1-2
- MEDIUM5.5CVE-2020-22352The gf_dash_segmenter_probe_input function in GPAC v0.8 allows attackers to cause a denial of service (NULL pointer dereference) via a craf…from 0, < 1.0.1+dfsg1-2
- MEDIUM5.5CVE-2020-19488An issue was discovered in box_code_apple.c:119 in Gpac MP4Box 0.8.0, allows attackers to cause a Denial of Service due to an invalid read…from 0, < 1.0.1+dfsg1-2
- from 0, < 1.0.1+dfsg1-2
- from 0, < 1.0.1+dfsg1-2
- from 0, < 1.0.1+dfsg1-2
- MEDIUM5.5CVE-2021-30199In filters/reframe_latm.c in GPAC 1.0.1 there is a Null Pointer Dereference, when gf_filter_pck_get_data is called.from 0, < 1.0.1+dfsg1-4
- MEDIUM5.5CVE-2021-30022There is a integer overflow in media_tools/av_parsers.c in the gf_avc_read_pps_bs_internal in GPAC from 0.5.2 to 1.0.1.from 0, < 1.0.1+dfsg1-4
- MEDIUM5.5CVE-2021-30020In the function gf_hevc_read_pps_bs_internal function in media_tools/av_parsers.c in GPAC 1.0.1 there is a loop, which with crafted file, p…from 0, < 1.0.1+dfsg1-4
- MEDIUM5.5CVE-2021-30019In the adts_dmx_process function in filters/reframe_adts.c in GPAC 1.0.1, a crafted file may cause ctx->hdr.frame_size to be smaller than c…from 0, < 1.0.1+dfsg1-4
- MEDIUM5.5CVE-2021-30015There is a Null Pointer Dereference in function filter_core/filter_pck.c:gf_filter_pck_new_alloc_internal in GPAC 1.0.1.from 0, < 1.0.1+dfsg1-4
- MEDIUM5.5CVE-2021-30014There is a integer overflow in media_tools/av_parsers.c in the hevc_parse_slice_segment function in GPAC from v0.9.0-preview to 1.0.1 which…from 0, < 1.0.1+dfsg1-4
- MEDIUM5.5CVE-2021-31262The AV1_DuplicateConfig function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file…from 0, < 1.0.1+dfsg1-4
- MEDIUM5.5CVE-2021-31261The gf_hinter_track_new function in GPAC 1.0.1 allows attackers to read memory via a crafted file in the MP4Box command.from 0, < 1.0.1+dfsg1-4
- MEDIUM5.5CVE-2021-31260The MergeTrack function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP…from 0, < 1.0.1+dfsg1-4
- MEDIUM5.5CVE-2021-31258The gf_isom_set_extraction_slc function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafte…from 0, < 1.0.1+dfsg1-4
- MEDIUM5.5CVE-2021-31257The HintFile function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4B…from 0, < 1.0.1+dfsg1-4
- MEDIUM5.5CVE-2021-31256Memory leak in the stbl_GetSampleInfos function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.from 0, < 1.0.1+dfsg1-4
- MEDIUM5.5CVE-2019-20632An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box.from 0, < 1.0.1+dfsg1-2
- MEDIUM5.5CVE-2019-20631An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box.from 0, < 1.0.1+dfsg1-2
- MEDIUM5.5CVE-2019-20630An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box.from 0, < 1.0.1+dfsg1-2
- MEDIUM5.5CVE-2019-20629An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box.from 0, < 1.0.1+dfsg1-2
- MEDIUM5.5CVE-2019-20628An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box.from 0, < 1.0.1+dfsg1-2
- from 0, < 1.0.1+dfsg1-2
- from 0, < 1.0.1+dfsg1-2
- MEDIUM5.5CVE-2019-20208dimC_Read in isomedia/box_code_3gpp.c in GPAC from 0.5.2 to 0.8.0 has a stack-based buffer overflow.from 0, < 1.0.1+dfsg1-2
- MEDIUM5.5CVE-2019-20171An issue was discovered in GPAC version 0.5.2 and 0.9.0-development-20191109.from 0, < 1.0.1+dfsg1-2
- MEDIUM5.5CVE-2019-20170An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109.from 0, < 1.0.1+dfsg1-2
- MEDIUM5.5CVE-2019-20165An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109.from 0, < 1.0.1+dfsg1-2
- MEDIUM5.5CVE-2019-20163An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109.from 0, < 1.0.1+dfsg1-2
- MEDIUM5.5CVE-2019-20162An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109.from 0, < 1.0.1+dfsg1-2
- MEDIUM5.5CVE-2019-20161An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109.from 0, < 1.0.1+dfsg1-2
- from 0, < 0.5.0+svn5324~dfsg1-1+deb8u4
- from 0, < 1.0.1+dfsg1-2
- MEDIUM5.3CVE-2026-7135A security flaw has been discovered in GPAC up to 26.03-DEV-rev105-g8f39a1eb3-master.from 0
- from 0
- from 0
- MEDIUM5.3CVE-2023-46871GPAC version 2.3-DEV-rev602-ged8424300-master in MP4Box contains a memory leak in NewSFDouble scenegraph/vrml_tools.c:300.from 0
- MEDIUM5.0CVE-2022-1172Null Pointer Dereference Caused Segmentation Fault in GitHub repository gpac/gpac prior to 2.1.0-DEV.from 0
- MEDIUM4.3CVE-2025-70116A NULL pointer dereference in GPAC MP4Box: when parsing certain truncated MP4 files, an unknown/invalid stsd entry can result in missing de…from 0
- from 0
- from 0
- from 0
- from 0
- from 0
- from 0
- from 0