Debian Gpac vulnerabilities

379 known vulnerabilities affecting debian/gpac.

Total CVEs

379

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL13HIGH119MEDIUM203LOW44

Vulnerabilities

Page 13 of 19

CVE-2021-45258MEDIUMCVSS 5.52021

CVE-2021-45258 [MEDIUM] CVE-2021-45258: gpac - A stack overflow vulnerability exists in gpac 1.1.0 via the gf_bifs_dec_proto_li... A stack overflow vulnerability exists in gpac 1.1.0 via the gf_bifs_dec_proto_list function, which causes a segmentation fault and application crash. Scope: local bullseye: open

debian

CVE-2021-32138MEDIUMCVSS 5.52021

CVE-2021-32138 [MEDIUM] CVE-2021-32138: gpac - The DumpTrackInfo function in GPAC 1.0.1 allows attackers to cause a denial of s... The DumpTrackInfo function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. Scope: local bullseye: open

debian

CVE-2021-40608MEDIUMCVSS 5.5fixed in gpac 1.0.1+dfsg1-4+deb11u2 (bullseye)2021

CVE-2021-40608 [MEDIUM] CVE-2021-40608: gpac - The gf_hinter_track_finalize function in GPAC 1.0.1 allows attackers to cause a ... The gf_hinter_track_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command. Scope: local bullseye: resolved (fixed in 1.0.1+dfsg1-4+deb11u2)

debian

CVE-2021-40563MEDIUMCVSS 5.5fixed in gpac 1.0.1+dfsg1-4+deb11u2 (bullseye)2021

CVE-2021-40563 [MEDIUM] CVE-2021-40563: gpac - A Segmentation fault exists casued by null pointer dereference exists in Gpac th... A Segmentation fault exists casued by null pointer dereference exists in Gpac through 1.0.1 via the naludmx_create_avc_decoder_config function in reframe_nalu.c when using mp4box, which causes a denial of service. Scope: local bullseye: resolved (fixed in 1.0.1+dfsg1-4+deb11u2)

debian

CVE-2021-45297MEDIUMCVSS 5.5fixed in gpac 1.0.1+dfsg1-4+deb11u2 (bullseye)2021

CVE-2021-45297 [MEDIUM] CVE-2021-45297: gpac - An infinite loop vulnerability exists in Gpac 1.0.1 in gf_get_bit_size. An infinite loop vulnerability exists in Gpac 1.0.1 in gf_get_bit_size. Scope: local bullseye: resolved (fixed in 1.0.1+dfsg1-4+deb11u2)

debian

CVE-2021-33366MEDIUMCVSS 5.5fixed in gpac 1.0.1+dfsg1-4+deb11u2 (bullseye)2021

CVE-2021-33366 [MEDIUM] CVE-2021-33366: gpac - Memory leak in the gf_isom_oinf_read_entry function in MP4Box in GPAC 1.0.1 allo... Memory leak in the gf_isom_oinf_read_entry function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. Scope: local bullseye: resolved (fixed in 1.0.1+dfsg1-4+deb11u2)

debian

CVE-2021-45259MEDIUMCVSS 5.52021

CVE-2021-45259 [MEDIUM] CVE-2021-45259: gpac - An Invalid pointer reference vulnerability exists in gpac 1.1.0 via the gf_svg_n... An Invalid pointer reference vulnerability exists in gpac 1.1.0 via the gf_svg_node_del function, which causes a segmentation fault and application crash. Scope: local bullseye: open

debian

CVE-2021-44918MEDIUMCVSS 5.52021

CVE-2021-44918 [MEDIUM] CVE-2021-44918: gpac - A Null Pointer Dereference vulnerability exists in gpac 1.1.0 in the gf_node_get... A Null Pointer Dereference vulnerability exists in gpac 1.1.0 in the gf_node_get_field function, which can cause a segmentation fault and application crash. Scope: local bullseye: open

debian

CVE-2021-33361MEDIUMCVSS 5.5fixed in gpac 1.0.1+dfsg1-4+deb11u2 (bullseye)2021

CVE-2021-33361 [MEDIUM] CVE-2021-33361: gpac - Memory leak in the afra_box_read function in MP4Box in GPAC 1.0.1 allows attacke... Memory leak in the afra_box_read function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. Scope: local bullseye: resolved (fixed in 1.0.1+dfsg1-4+deb11u2)

debian

CVE-2021-33363MEDIUMCVSS 5.5fixed in gpac 1.0.1+dfsg1-4+deb11u2 (bullseye)2021

CVE-2021-33363 [MEDIUM] CVE-2021-33363: gpac - Memory leak in the infe_box_read function in MP4Box in GPAC 1.0.1 allows attacke... Memory leak in the infe_box_read function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. Scope: local bullseye: resolved (fixed in 1.0.1+dfsg1-4+deb11u2)

debian

CVE-2021-40564MEDIUMCVSS 5.5fixed in gpac 1.0.1+dfsg1-4+deb11u2 (bullseye)2021

CVE-2021-40564 [MEDIUM] CVE-2021-40564: gpac - A Segmentation fault caused by null pointer dereference vulnerability eists in G... A Segmentation fault caused by null pointer dereference vulnerability eists in Gpac through 1.0.2 via the avc_parse_slice function in av_parsers.c when using mp4box, which causes a denial of service. Scope: local bullseye: resolved (fixed in 1.0.1+dfsg1-4+deb11u2)

debian

CVE-2021-40569MEDIUMCVSS 5.5fixed in gpac 1.0.1+dfsg1-4+deb11u2 (bullseye)2021

CVE-2021-40569 [MEDIUM] CVE-2021-40569: gpac - The binary MP4Box in Gpac through 1.0.1 has a double-free vulnerability in the i... The binary MP4Box in Gpac through 1.0.1 has a double-free vulnerability in the iloc_entry_del funciton in box_code_meta.c, which allows attackers to cause a denial of service. Scope: local bullseye: resolved (fixed in 1.0.1+dfsg1-4+deb11u2)

debian

CVE-2021-36584MEDIUMCVSS 5.52021

CVE-2021-36584 [MEDIUM] CVE-2021-36584: gpac - An issue was discovered in GPAC 1.0.1. There is a heap-based buffer overflow in ... An issue was discovered in GPAC 1.0.1. There is a heap-based buffer overflow in the function gp_rtp_builder_do_tx3g function in ietf/rtp_pck_3gpp.c, as demonstrated by MP4Box. This can cause a denial of service (DOS). Scope: local bullseye: open

debian

CVE-2021-44924MEDIUMCVSS 5.52021

CVE-2021-44924 [MEDIUM] CVE-2021-44924: gpac - An infinite loop vulnerability exists in gpac 1.1.0 in the gf_log function, whic... An infinite loop vulnerability exists in gpac 1.1.0 in the gf_log function, which causes a Denial of Service. Scope: local bullseye: open

debian

CVE-2021-40572MEDIUMCVSS 5.5fixed in gpac 1.0.1+dfsg1-4+deb11u2 (bullseye)2021

CVE-2021-40572 [MEDIUM] CVE-2021-40572: gpac - The binary MP4Box in Gpac 1.0.1 has a double-free bug in the av1dmx_finalize fun... The binary MP4Box in Gpac 1.0.1 has a double-free bug in the av1dmx_finalize function in reframe_av1.c, which allows attackers to cause a denial of service. Scope: local bullseye: resolved (fixed in 1.0.1+dfsg1-4+deb11u2)

debian

CVE-2021-46236MEDIUMCVSS 5.52021

CVE-2021-46236 [MEDIUM] CVE-2021-46236: gpac - A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via the function ... A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_sg_vrml_field_pointer_del () at scenegraph/vrml_tools.c. This vulnerability can lead to a Denial of Service (DoS). Scope: local bullseye: open

debian

CVE-2021-46047MEDIUMCVSS 5.5fixed in gpac 1.0.1+dfsg1-4+deb11u2 (bullseye)2021

CVE-2021-46047 [MEDIUM] CVE-2021-46047: gpac - A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the gf_hinter_final... A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the gf_hinter_finalize function. Scope: local bullseye: resolved (fixed in 1.0.1+dfsg1-4+deb11u2)

debian

CVE-2021-44923MEDIUMCVSS 5.52021

CVE-2021-44923 [MEDIUM] CVE-2021-44923: gpac - A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_dump_vrm... A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_dump_vrml_dyn_field.isra function, which causes a segmentation fault and application crash. Scope: local bullseye: open

debian

CVE-2021-32135MEDIUMCVSS 5.52021

CVE-2021-32135 [MEDIUM] CVE-2021-32135: gpac - The trak_box_size function in GPAC 1.0.1 allows attackers to cause a denial of s... The trak_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. Scope: local bullseye: open

debian

CVE-2021-44919MEDIUMCVSS 5.52021

CVE-2021-44919 [MEDIUM] CVE-2021-44919: gpac - A Null Pointer Dereference vulnerability exists in the gf_sg_vrml_mf_alloc funct... A Null Pointer Dereference vulnerability exists in the gf_sg_vrml_mf_alloc function in gpac 1.1.0-DEV, which causes a segmentation fault and application crash. Scope: local bullseye: open

debian

← Previous13 / 19Next →