CVE-2022-45202
https://notcve.org/view.php?id=CVE-2022-45202
GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a stack overflow via the function dimC_box_read at isomedia/box_code_3gpp.c. Se descubrió que GPAC v2.1-DEV-rev428-gcb8ae46c8-master contenía un desbordamiento de pila a través de la función dimC_box_read en isomedia/box_code_3gpp.c. • https://github.com/gpac/gpac/issues/2296 https://www.debian.org/security/2023/dsa-5411 • CWE-787: Out-of-bounds Write •
CVE-2022-45204
https://notcve.org/view.php?id=CVE-2022-45204
GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a memory leak via the function dimC_box_read at isomedia/box_code_3gpp.c. Se descubrió que GPAC v2.1-DEV-rev428-gcb8ae46c8-master contenía una pérdida de memoria a través de la función dimC_box_read en isomedia/box_code_3gpp.c. • https://github.com/gpac/gpac/issues/2307 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2022-45343
https://notcve.org/view.php?id=CVE-2022-45343
GPAC v2.1-DEV-rev478-g696e6f868-master was discovered to contain a heap use-after-free via the Q_IsTypeOn function at /gpac/src/bifs/unquantize.c. Se descubrió que GPAC v2.1-DEV-rev478-g696e6f868-master contenía un montón de use-after-free a través de la función Q_IsTypeOn en /gpac/src/bifs/unquantize.c. • https://github.com/gpac/gpac/issues/2315 https://www.debian.org/security/2023/dsa-5411 • CWE-416: Use After Free •
CVE-2022-3957 – GPAC SVG Parser svg_attributes.c svg_parse_preserveaspectratio memory leak
https://notcve.org/view.php?id=CVE-2022-3957
A vulnerability classified as problematic was found in GPAC. Affected by this vulnerability is the function svg_parse_preserveaspectratio of the file scenegraph/svg_attributes.c of the component SVG Parser. The manipulation leads to memory leak. The attack can be launched remotely. The name of the patch is 2191e66aa7df750e8ef01781b1930bea87b713bb. • https://github.com/gpac/gpac/commit/2191e66aa7df750e8ef01781b1930bea87b713bb https://vuldb.com/?id.213463 https://www.debian.org/security/2023/dsa-5411 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-404: Improper Resource Shutdown or Release •
CVE-2022-43254
https://notcve.org/view.php?id=CVE-2022-43254
GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain a memory leak via the component gf_list_new at utils/list.c. Se descubrió que GPAC v2.1-DEV-rev368-gfd054169b-master contenía una pérdida de memoria a través del componente gf_list_new en utils/list.c. • https://github.com/gpac/gpac/issues/2284 • CWE-401: Missing Release of Memory after Effective Lifetime •