CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-47095
https://notcve.org/view.php?id=CVE-2022-47095
GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer overflow in hevc_parse_vps_extension function of media_tools/av_parsers.c • https://github.com/gpac/gpac/issues/2346 https://www.debian.org/security/2023/dsa-5411 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-45283
https://notcve.org/view.php?id=CVE-2022-45283
GPAC MP4box v2.0.0 was discovered to contain a stack overflow in the smil_parse_time_list parameter at /scenegraph/svg_attributes.c. Se descubrió que GPAC MP4box v2.0.0 contenía un desbordamiento de pila en el parámetro smil_parse_time_list en /scenegraph/svg_attributes.c. • https://github.com/gpac/gpac/issues/2295 https://www.debian.org/security/2023/dsa-5411 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2CVE-2022-4202 – GPAC lsr_dec.c lsr_translate_coords integer overflow
https://notcve.org/view.php?id=CVE-2022-4202
A vulnerability, which was classified as problematic, was found in GPAC 2.1-DEV-rev490-g68064e101-master. Affected is the function lsr_translate_coords of the file laser/lsr_dec.c. The manipulation leads to integer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://drive.google.com/file/d/1HVWa6IpAbvsMS5rx091RfjUB4GfXrMLE/view https://github.com/gpac/gpac/commit/b3d821c4ae9ba62b3a194d9dcb5e99f17bd56908 https://github.com/gpac/gpac/issues/2333 https://vuldb.com/?id.214518 https://www.debian.org/security/2023/dsa-5411 • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-45202
https://notcve.org/view.php?id=CVE-2022-45202
GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a stack overflow via the function dimC_box_read at isomedia/box_code_3gpp.c. Se descubrió que GPAC v2.1-DEV-rev428-gcb8ae46c8-master contenía un desbordamiento de pila a través de la función dimC_box_read en isomedia/box_code_3gpp.c. • https://github.com/gpac/gpac/issues/2296 https://www.debian.org/security/2023/dsa-5411 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-45204
https://notcve.org/view.php?id=CVE-2022-45204
GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a memory leak via the function dimC_box_read at isomedia/box_code_3gpp.c. Se descubrió que GPAC v2.1-DEV-rev428-gcb8ae46c8-master contenía una pérdida de memoria a través de la función dimC_box_read en isomedia/box_code_3gpp.c. • https://github.com/gpac/gpac/issues/2307 • CWE-401: Missing Release of Memory after Effective Lifetime •