CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 2CVE-2023-46871
https://notcve.org/view.php?id=CVE-2023-46871
07 Dec 2023 — GPAC version 2.3-DEV-rev602-ged8424300-master in MP4Box contains a memory leak in NewSFDouble scenegraph/vrml_tools.c:300. This vulnerability may lead to a denial of service. La versión 2.3-DEV-rev602-ged8424300-master de GPAC en MP4Box contiene una pérdida de memoria en NewSFDouble scenegraph/vrml_tools.c:300. Esta vulnerabilidad puede provocar una denegación de servicio. • https://gist.github.com/ReturnHere/d0899bb03b8f5e8fae118f2b76888486 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2023-48958
https://notcve.org/view.php?id=CVE-2023-48958
07 Dec 2023 — gpac 2.3-DEV-rev617-g671976fcc-master contains memory leaks in gf_mpd_resolve_url media_tools/mpd.c:4589. gpac 2.3-DEV-rev617-g671976fcc-master contiene pérdidas de memoria en gf_mpd_resolve_url media_tools/mpd.c:4589. • https://gist.github.com/dr0v/1204f7a5f1e1497e7bca066638acfbf5 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-48039
https://notcve.org/view.php?id=CVE-2023-48039
20 Nov 2023 — GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leak in gf_mpd_parse_string media_tools/mpd.c:75. GPAC 2.3-DEV-rev617-g671976fcc-master es vulnerable a pérdidas de memoria en gf_mpd_parse_string media_tools/mpd.c:75. • https://github.com/gpac/gpac/issues/2679 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-48090
https://notcve.org/view.php?id=CVE-2023-48090
20 Nov 2023 — GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leaks in extract_attributes media_tools/m3u8.c:329. GPAC 2.3-DEV-rev617-g671976fcc-master es vulnerable a pérdidas de memoria en extract_attributes media_tools/m3u8.c:329. • https://github.com/gpac/gpac/issues/2680 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-48011
https://notcve.org/view.php?id=CVE-2023-48011
15 Nov 2023 — GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a heap-use-after-free via the flush_ref_samples function at /gpac/src/isomedia/movie_fragments.c. Se descubrió que GPAC v2.3-DEV-rev566-g50c2ab06f-master contiene un heap-use-after-free a través de la función flush_ref_samples en /gpac/src/isomedia/movie_fragments.c. • https://github.com/gpac/gpac/commit/c70f49dda4946d6db6aa55588f6a756b76bd84ea • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-48014
https://notcve.org/view.php?id=CVE-2023-48014
15 Nov 2023 — GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a stack overflow via the hevc_parse_vps_extension function at /media_tools/av_parsers.c. Se descubrió que GPAC v2.3-DEV-rev566-g50c2ab06f-master contenía un desbordamiento de pila a través de la función hevc_parse_vps_extension en /media_tools/av_parsers.c. • https://github.com/gpac/gpac/commit/66abf0887c89c29a484d9e65e70882794e9e3a1b • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-48013
https://notcve.org/view.php?id=CVE-2023-48013
15 Nov 2023 — GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a double free via the gf_filterpacket_del function at /gpac/src/filter_core/filter.c. Se descubrió que GPAC v2.3-DEV-rev566-g50c2ab06f-master contiene un doble libre a través de la función gf_filterpacket_del en /gpac/src/filter_core/filter.c. • https://github.com/gpac/gpac/commit/cd8a95c1efb8f5bfc950b86c2ef77b4c76f6b893 • CWE-415: Double Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47384
https://notcve.org/view.php?id=CVE-2023-47384
14 Nov 2023 — MP4Box GPAC v2.3-DEV-rev617-g671976fcc-master was discovered to contain a memory leak in the function gf_isom_add_chapter at /isomedia/isom_write.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file. Se descubrió que MP4Box GPAC v2.3-DEV-rev617-g671976fcc-master contenía una pérdida de memoria en la función gf_isom_add_chapter en /isomedia/isom_write.c. Esta vulnerabilidad permite a los atacantes provocar una Denegación de Servicio (DoS) a través de un archivo MP4... • https://github.com/gpac/gpac/issues/2672 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5998 – Out-of-bounds Read in gpac/gpac
https://notcve.org/view.php?id=CVE-2023-5998
07 Nov 2023 — Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3.0-DEV. Lectura fuera de los límites en el repositorio de GitHub gpac/gpac anterior a 2.3.0-DEV. • https://github.com/gpac/gpac/commit/db74835944548fc3bdf03121b0e012373bdebb3e • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-46001
https://notcve.org/view.php?id=CVE-2023-46001
07 Nov 2023 — Buffer Overflow vulnerability in gpac MP4Box v.2.3-DEV-rev573-g201320819-master allows a local attacker to cause a denial of service via the gpac/src/isomedia/isom_read.c:2807:51 function in gf_isom_get_user_data. Vulnerabilidad de desbordamiento del búfer en gpac MP4Box v.2.3-DEV-rev573-g201320819-master permite a un atacante local provocar una Denegación de Servicio (DoS) a través de la función gpac/src/isomedia/isom_read.c:2807:51 en gf_isom_get_user_data. • https://github.com/gpac/gpac/commit/e79b0cf7e72404750630bc01340e999f3940dbc4 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •