CVE-2023-1448 – GPAC mpegts.c gf_m2ts_process_sdt heap-based overflow
https://notcve.org/view.php?id=CVE-2023-1448
A vulnerability, which was classified as problematic, was found in GPAC 2.3-DEV-rev35-gbbca86917-master. This affects the function gf_m2ts_process_sdt of the file media_tools/mpegts.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. • https://github.com/gpac/gpac/issues/2388 https://github.com/xxy1126/Vuln/blob/main/gpac/3 https://vuldb.com/?ctiid.223293 https://vuldb.com/?id.223293 • CWE-122: Heap-based Buffer Overflow •
CVE-2023-0841 – GPAC reframe_mp3.c mp3_dmx_process heap-based overflow
https://notcve.org/view.php?id=CVE-2023-0841
A vulnerability, which was classified as critical, has been found in GPAC 2.3-DEV-rev40-g3602a5ded. This issue affects the function mp3_dmx_process of the file filters/reframe_mp3.c. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/advisories/GHSA-w52x-cp47-xhhw https://github.com/gpac/gpac/commit/851560e3dc8155d45ace4b0d77421f241ed71dc4 https://github.com/gpac/gpac/issues/2396 https://github.com/gpac/gpac/releases/tag/v2.2.1 https://github.com/qianshuidewajueji/poc/blob/main/gpac/mp3_dmx_process_poc3 https://vuldb.com/?ctiid.221087 https://vuldb.com/?id.221087 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2023-0819 – Heap-based Buffer Overflow in gpac/gpac
https://notcve.org/view.php?id=CVE-2023-0819
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to v2.3.0-DEV. • https://github.com/gpac/gpac/commit/d067ab3ccdeaa340e8c045a0fd5bcfc22b809e8f https://huntr.dev/bounties/35793610-dccc-46c8-9f55-6a24c621e4ef https://www.debian.org/security/2023/dsa-5411 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2023-0818 – Off-by-one Error in gpac/gpac
https://notcve.org/view.php?id=CVE-2023-0818
Off-by-one Error in GitHub repository gpac/gpac prior to v2.3.0-DEV. • https://github.com/gpac/gpac/commit/377ab25f3e502db2934a9cf4b54739e1c89a02ff https://huntr.dev/bounties/038e7472-f3e9-46c2-9aea-d6dafb62a18a https://www.debian.org/security/2023/dsa-5411 • CWE-193: Off-by-one Error •
CVE-2023-0817 – Buffer Over-read in gpac/gpac
https://notcve.org/view.php?id=CVE-2023-0817
Buffer Over-read in GitHub repository gpac/gpac prior to v2.3.0-DEV. • https://github.com/gpac/gpac/commit/be9f8d395bbd196e3812e9cd80708f06bcc206f7 https://huntr.dev/bounties/cb730bc5-d79c-4de6-9e57-10e8c3ce2cf3 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •