CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-24266
https://notcve.org/view.php?id=CVE-2024-24266
05 Feb 2024 — gpac v2.2.1 was discovered to contain a Use-After-Free (UAF) vulnerability via the dasher_configure_pid function at /src/filters/dasher.c. Se descubrió que gpac v2.2.1 contenía una vulnerabilidad Use-After-Free (UAF) a través de la función dasher_configure_pid en /src/filters/dasher.c. • https://github.com/yinluming13579/gpac_defects/blob/main/gpac_2.md • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-24267
https://notcve.org/view.php?id=CVE-2024-24267
05 Feb 2024 — gpac v2.2.1 was discovered to contain a memory leak via the gfio_blob variable in the gf_fileio_from_blob function. Se descubrió que gpac v2.2.1 contenía una pérdida de memoria a través de la variable gfio_blob en la función gf_fileio_from_blob. • https://github.com/gpac/gpac/commit/d28d9ba45cf4f628a7b2c351849a895e6fcf2234 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-24265
https://notcve.org/view.php?id=CVE-2024-24265
05 Feb 2024 — gpac v2.2.1 was discovered to contain a memory leak via the dst_props variable in the gf_filter_pid_merge_properties_internal function. Se descubrió que gpac v2.2.1 contenía una pérdida de memoria a través de la variable dst_props en la función gf_filter_pid_merge_properties_internal. • https://github.com/yinluming13579/gpac_defects/blob/main/gpac_1.md • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 9.4EPSS: 0%CPEs: 2EXPL: 1CVE-2024-0322 – Out-of-bounds Read in gpac/gpac
https://notcve.org/view.php?id=CVE-2024-0322
08 Jan 2024 — Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. Fuera de los límites Read en el repositorio de GitHub gpac/gpac anterior a 2.3-DEV. • https://github.com/gpac/gpac/commit/092904b80edbc4dce315684a59cc3184c45c1b70 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0321 – Stack-based Buffer Overflow in gpac/gpac
https://notcve.org/view.php?id=CVE-2024-0321
08 Jan 2024 — Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV. desbordamiento de búfer en la región stack de la memoria en el repositorio de GitHub gpac/gpac anterior a 2.3-DEV. It was discovered that the GPAC MP4Box utility incorrectly handled certain AC3 files, which could lead to an out-of-bounds read. A remote attacker could use this issue to cause MP4Box to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. It was discovered that the G... • https://github.com/gpac/gpac/commit/d0ced41651b279bb054eb6390751e2d4eb84819a • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47465
https://notcve.org/view.php?id=CVE-2023-47465
09 Dec 2023 — An issue in GPAC v.2.2.1 and before allows a local attacker to cause a denial of service (DoS) via the ctts_box_read function of file src/isomedia/box_code_base.c. Un problema en GPAC v.2.2.1 y anteriores permite que un atacante local provoque una denegación de servicio (DoS) a través de la función ctts_box_read del archivo src/isomedia/box_code_base.c. • https://github.com/gpac/gpac/issues/2652 •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 2CVE-2023-46871
https://notcve.org/view.php?id=CVE-2023-46871
07 Dec 2023 — GPAC version 2.3-DEV-rev602-ged8424300-master in MP4Box contains a memory leak in NewSFDouble scenegraph/vrml_tools.c:300. This vulnerability may lead to a denial of service. La versión 2.3-DEV-rev602-ged8424300-master de GPAC en MP4Box contiene una pérdida de memoria en NewSFDouble scenegraph/vrml_tools.c:300. Esta vulnerabilidad puede provocar una denegación de servicio. • https://gist.github.com/ReturnHere/d0899bb03b8f5e8fae118f2b76888486 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5998 – Out-of-bounds Read in gpac/gpac
https://notcve.org/view.php?id=CVE-2023-5998
07 Nov 2023 — Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3.0-DEV. Lectura fuera de los límites en el repositorio de GitHub gpac/gpac anterior a 2.3.0-DEV. • https://github.com/gpac/gpac/commit/db74835944548fc3bdf03121b0e012373bdebb3e • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5595 – Denial of Service in gpac/gpac
https://notcve.org/view.php?id=CVE-2023-5595
16 Oct 2023 — Denial of Service in GitHub repository gpac/gpac prior to 2.3.0-DEV. Denegación de Servicio en el repositorio de GitHub gpac/gpac anterior a la versión 2.3.0-DEV. • https://github.com/gpac/gpac/commit/7a6f636db3360bb16d18078d51e8c596f31302a1 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5586 – NULL Pointer Dereference in gpac/gpac
https://notcve.org/view.php?id=CVE-2023-5586
15 Oct 2023 — NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3.0-DEV. Eliminación de referencia del puntero NULL en el repositorio de GitHub gpac/gpac anterior a 2.3.0-DEV. • https://github.com/gpac/gpac/commit/ca1b48f0abe71bf81a58995d7d75dc27f5a17ddc • CWE-476: NULL Pointer Dereference •