CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2018-20762
https://notcve.org/view.php?id=CVE-2018-20762
GPAC version 0.7.1 and earlier has a buffer overflow vulnerability in the cat_multiple_files function in applications/mp4box/fileimport.c when MP4Box is used for a local directory containing crafted filenames. GPAC versión 0.7.1 y anteriores tiene una vulnerabilidad de desbordamiento de búfer en la función cat_multiple_files en aplicaciones/mp4box/fileimport.c cuando MP4Box se utiliza para un directorio local que contiene nombres de archivo creados. • https://github.com/gpac/gpac/commit/35ab4475a7df9b2a4bcab235e379c0c3ec543658 https://github.com/gpac/gpac/issues/1187 https://lists.debian.org/debian-lts-announce/2019/02/msg00040.html https://usn.ubuntu.com/3926-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2018-20763
https://notcve.org/view.php?id=CVE-2018-20763
In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because of missing szLineConv bounds checking. GPAC versión 0.7.1 y anteriores, gf_text_get_utf8_line en media_tools/text_import.c en libgpac_static.a permite una escritura fuera de límites debido a la falta de comprobación de límites szLineConv. • https://github.com/gpac/gpac/commit/1c449a34fe0b50aaffb881bfb9d7c5ab0bb18cdd https://github.com/gpac/gpac/issues/1188 https://lists.debian.org/debian-lts-announce/2019/02/msg00040.html https://usn.ubuntu.com/3926-1 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-13006
https://notcve.org/view.php?id=CVE-2018-13006
An issue was discovered in MP4Box in GPAC 0.7.1. There is a heap-based buffer over-read in the isomedia/box_dump.c function hdlr_dump. Se ha descubierto un problema en MP4Box en GPAC 0.7.1. Hay una sobrelectura de búfer basada en memoria dinámica (heap) en la función hdlr_dump en media/box_dump.c. • https://github.com/gpac/gpac/commit/bceb03fd2be95097a7b409ea59914f332fb6bc86 https://lists.debian.org/debian-lts-announce/2018/07/msg00024.html https://usn.ubuntu.com/3926-1 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 1CVE-2018-13005
https://notcve.org/view.php?id=CVE-2018-13005
An issue was discovered in MP4Box in GPAC 0.7.1. The function urn_Read in isomedia/box_code_base.c has a heap-based buffer over-read. Se ha descubierto un problema en MP4Box en GPAC 0.7.1. La función urn_Read in isomedia/box_code_base.c tiene una sobrelectura de búfer basada en memoria dinámica (heap). • https://github.com/gpac/gpac/issues/1088 https://lists.debian.org/debian-lts-announce/2018/07/msg00024.html https://usn.ubuntu.com/3926-1 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-7752
https://notcve.org/view.php?id=CVE-2018-7752
GPAC through 0.7.1 has a Buffer Overflow in the gf_media_avc_read_sps function in media_tools/av_parsers.c, a different vulnerability than CVE-2018-1000100. GPAC, hasta la versión 0.7.1, tiene un desbordamiento de búfer en la función gf_media_avc_read_sps en media_tools/av_parsers.c. Esta vulnerabilidad es diferente de CVE-2018-1000100. • https://github.com/gpac/gpac/commit/90dc7f853d31b0a4e9441cba97feccf36d8b69a4 https://github.com/gpac/gpac/issues/997 https://lists.debian.org/debian-lts-announce/2019/02/msg00040.html https://usn.ubuntu.com/3926-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •