Debian Ccextractor vulnerabilities

28 known vulnerabilities affecting debian/ccextractor.

Total CVEs
28
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH6MEDIUM17LOW3

Vulnerabilities

Page 2 of 2
CVE-2019-13618HIGHCVSS 7.5fixed in gpac 1.0.1+dfsg1-2 (bullseye)2019
CVE-2019-13618 [HIGH] CVE-2019-13618: ccextractor - In GPAC before 0.8.0, isomedia/isom_read.c in libgpac.a has a heap-based buffer ... In GPAC before 0.8.0, isomedia/isom_read.c in libgpac.a has a heap-based buffer over-read, as demonstrated by a crash in gf_m2ts_sync in media_tools/mpegts.c. Scope: local bullseye: open
debian
CVE-2019-20161MEDIUMCVSS 5.5fixed in gpac 1.0.1+dfsg1-2 (bullseye)2019
CVE-2019-20161 [MEDIUM] CVE-2019-20161: ccextractor - An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. Th... An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is heap-based buffer overflow in the function ReadGF_IPMPX_WatermarkingInit() in odf/ipmpx_code.c. Scope: local bullseye: open
debian
CVE-2019-12481MEDIUMCVSS 5.5fixed in gpac 1.0.1+dfsg1-2 (bullseye)2019
CVE-2019-12481 [MEDIUM] CVE-2019-12481: ccextractor - An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in th... An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function GetESD at isomedia/track.c in libgpac.a, as demonstrated by MP4Box. Scope: local bullseye: open
debian
CVE-2019-20162MEDIUMCVSS 5.5fixed in gpac 1.0.1+dfsg1-2 (bullseye)2019
CVE-2019-20162 [MEDIUM] CVE-2019-20162: ccextractor - An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. Th... An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is heap-based buffer overflow in the function gf_isom_box_parse_ex() in isomedia/box_funcs.c. Scope: local bullseye: open
debian
CVE-2019-20208MEDIUMCVSS 5.5fixed in gpac 1.0.1+dfsg1-2 (bullseye)2019
CVE-2019-20208 [MEDIUM] CVE-2019-20208: ccextractor - dimC_Read in isomedia/box_code_3gpp.c in GPAC from 0.5.2 to 0.8.0 has a stack-ba... dimC_Read in isomedia/box_code_3gpp.c in GPAC from 0.5.2 to 0.8.0 has a stack-based buffer overflow. Scope: local bullseye: open
debian
CVE-2019-20171MEDIUMCVSS 5.5fixed in gpac 1.0.1+dfsg1-2 (bullseye)2019
CVE-2019-20171 [MEDIUM] CVE-2019-20171: ccextractor - An issue was discovered in GPAC version 0.5.2 and 0.9.0-development-20191109. Th... An issue was discovered in GPAC version 0.5.2 and 0.9.0-development-20191109. There are memory leaks in metx_New in isomedia/box_code_base.c and abst_Read in isomedia/box_code_adobe.c. Scope: local bullseye: open
debian
CVE-2019-20170MEDIUMCVSS 5.5fixed in gpac 1.0.1+dfsg1-2 (bullseye)2019
CVE-2019-20170 [MEDIUM] CVE-2019-20170: ccextractor - An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. Th... An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is an invalid pointer dereference in the function GF_IPMPX_AUTH_Delete() in odf/ipmpx_code.c. Scope: local bullseye: open
debian
CVE-2018-21015MEDIUMCVSS 6.5fixed in gpac 1.0.1+dfsg1-2 (bullseye)2018
CVE-2018-21015 [MEDIUM] CVE-2018-21015: ccextractor - AVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1 allows remote attacker... AVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. There is "cfg_new->AVCLevelIndication = cfg->AVCLevelIndication;" but cfg could be NULL. Scope: local bullseye: open
debian
← Previous2 / 2