Page 13 of 175 results (0.008 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer overflow in hevc_parse_vps_extension function of media_tools/av_parsers.c • https://github.com/gpac/gpac/issues/2346 https://www.debian.org/security/2023/dsa-5411 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a stack overflow via the function dimC_box_read at isomedia/box_code_3gpp.c. Se descubrió que GPAC v2.1-DEV-rev428-gcb8ae46c8-master contenía un desbordamiento de pila a través de la función dimC_box_read en isomedia/box_code_3gpp.c. • https://github.com/gpac/gpac/issues/2296 https://www.debian.org/security/2023/dsa-5411 • CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a memory leak via the function dimC_box_read at isomedia/box_code_3gpp.c. Se descubrió que GPAC v2.1-DEV-rev428-gcb8ae46c8-master contenía una pérdida de memoria a través de la función dimC_box_read en isomedia/box_code_3gpp.c. • https://github.com/gpac/gpac/issues/2307 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

GPAC v2.1-DEV-rev478-g696e6f868-master was discovered to contain a heap use-after-free via the Q_IsTypeOn function at /gpac/src/bifs/unquantize.c. Se descubrió que GPAC v2.1-DEV-rev478-g696e6f868-master contenía un montón de use-after-free a través de la función Q_IsTypeOn en /gpac/src/bifs/unquantize.c. • https://github.com/gpac/gpac/issues/2315 https://www.debian.org/security/2023/dsa-5411 • CWE-416: Use After Free •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

A vulnerability classified as problematic was found in GPAC. Affected by this vulnerability is the function svg_parse_preserveaspectratio of the file scenegraph/svg_attributes.c of the component SVG Parser. The manipulation leads to memory leak. The attack can be launched remotely. The name of the patch is 2191e66aa7df750e8ef01781b1930bea87b713bb. • https://github.com/gpac/gpac/commit/2191e66aa7df750e8ef01781b1930bea87b713bb https://vuldb.com/?id.213463 https://www.debian.org/security/2023/dsa-5411 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-404: Improper Resource Shutdown or Release •