Debian Gpac vulnerabilities
379 known vulnerabilities affecting debian/gpac.
Total CVEs: 379
CISA KEV: 0
Public exploits: 0
Exploited in wild: 1
Severity breakdown: CRITICAL 13, HIGH 119, MEDIUM 203, LOW 44
Vulnerabilities
CVE-2019-20631 | MEDIUM | CVSS 5.5 | fixed in gpac 1.0.1+dfsg1-2 (bullseye) | 2019
CVE-2019-20631 [MEDIUM] CVE-2019-20631: gpac - An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP...
An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid pointer dereference in gf_list_count in utils/list.c that can cause a denial of service via a crafted MP4 file.
Scope: local
bullseye: resolved (fixed in 1.0.1+dfsg1-2)
debian
CVE-2019-20159 | LOW | CVSS 5.5 | 2019
CVE-2019-20159 [MEDIUM] CVE-2019-20159: gpac - An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. Th...
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a memory leak in dinf_New() in isomedia/box_code_base.c.
Scope: local
bullseye: resolved
debian
CVE-2019-20167 | LOW | CVSS 5.5 | 2019
CVE-2019-20167 [MEDIUM] CVE-2019-20167: gpac - An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. Th...
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointer dereference in the function senc_Parse() in isomedia/box_code_drm.c.
Scope: local
bullseye: resolved
debian
CVE-2019-20164 | LOW | CVSS 5.5 | 2019
CVE-2019-20164 [MEDIUM] CVE-2019-20164: gpac - An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. Th...
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointer dereference in the function gf_isom_box_del() in isomedia/box_funcs.c.
Scope: local
bullseye: resolved
debian
CVE-2019-20169 | LOW | CVSS 5.5 | 2019
CVE-2019-20169 [MEDIUM] CVE-2019-20169: gpac - An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. Th...
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a use-after-free in the function trak_Read() in isomedia/box_code_base.c.
Scope: local
bullseye: resolved
debian
CVE-2019-20168 | LOW | CVSS 5.5 | 2019
CVE-2019-20168 [MEDIUM] CVE-2019-20168: gpac - An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. Th...
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a use-after-free in the function gf_isom_box_dump_ex() in isomedia/box_funcs.c.
Scope: local
bullseye: resolved
debian
CVE-2019-20166 | LOW | CVSS 5.5 | 2019
CVE-2019-20166 [MEDIUM] CVE-2019-20166: gpac - An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. Th...
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointer dereference in the function gf_isom_dump() in isomedia/box_dump.c.
Scope: local
bullseye: resolved
debian
CVE-2019-20160 | LOW | CVSS 5.5 | 2019
CVE-2019-20160 [MEDIUM] CVE-2019-20160: gpac - An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. Th...
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a stack-based buffer overflow in the function av1_parse_tile_group() in media_tools/av_parsers.c.
Scope: local
bullseye: resolved
debian
CVE-2018-13006 | CRITICAL | CVSS 9.8 | fixed in gpac 0.5.2-426-gc5ad4e4+dfsg5-4.1 (bullseye) | 2018
CVE-2018-13006 [CRITICAL] CVE-2018-13006: gpac - An issue was discovered in MP4Box in GPAC 0.7.1. There is a heap-based buffer ov...
An issue was discovered in MP4Box in GPAC 0.7.1. There is a heap-based buffer over-read in the isomedia/box_dump.c function hdlr_dump.
Scope: local
bullseye: resolved (fixed in 0.5.2-426-gc5ad4e4+dfsg5-4.1)
debian
CVE-2018-13005 | CRITICAL | CVSS 9.8 | fixed in gpac 0.5.2-426-gc5ad4e4+dfsg5-4.1 (bullseye) | 2018
CVE-2018-13005 [CRITICAL] CVE-2018-13005: gpac - An issue was discovered in MP4Box in GPAC 0.7.1. The function urn_Read in isomed...
An issue was discovered in MP4Box in GPAC 0.7.1. The function urn_Read in isomedia/box_code_base.c has a heap-based buffer over-read.
Scope: local
bullseye: resolved (fixed in 0.5.2-426-gc5ad4e4+dfsg5-4.1)
debian
CVE-2018-20762 | HIGH | CVSS 7.8 | fixed in gpac 0.5.2-426-gc5ad4e4+dfsg5-4.1 (bullseye) | 2018
CVE-2018-20762 [HIGH] CVE-2018-20762: gpac - GPAC version 0.7.1 and earlier has a buffer overflow vulnerability in the cat_mu...
GPAC version 0.7.1 and earlier has a buffer overflow vulnerability in the cat_multiple_files function in applications/mp4box/fileimport.c when MP4Box is used for a local directory containing crafted filenames.
Scope: local
bullseye: resolved (fixed in 0.5.2-426-gc5ad4e4+dfsg5-4.1)
debian
CVE-2018-20760 | HIGH | CVSS 7.8 | fixed in gpac 0.5.2-426-gc5ad4e4+dfsg5-4.1 (bullseye) | 2018
CVE-2018-20760 [HIGH] CVE-2018-20760: gpac - In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in...
In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because a certain -1 return value is mishandled.
Scope: local
bullseye: resolved (fixed in 0.5.2-426-gc5ad4e4+dfsg5-4.1)
debian
CVE-2018-20761 | HIGH | CVSS 7.8 | fixed in gpac 0.5.2-426-gc5ad4e4+dfsg5-4.1 (bullseye) | 2018
CVE-2018-20761 [HIGH] CVE-2018-20761: gpac - GPAC version 0.7.1 and earlier has a Buffer Overflow vulnerability in the gf_sm_...
GPAC version 0.7.1 and earlier has a Buffer Overflow vulnerability in the gf_sm_load_init function in scene_manager.c in libgpac_static.a.
Scope: local
bullseye: resolved (fixed in 0.5.2-426-gc5ad4e4+dfsg5-4.1)
debian
CVE-2018-7752 | HIGH | CVSS 7.8 | fixed in gpac 0.5.2-426-gc5ad4e4+dfsg5-4.1 (bullseye) | 2018
CVE-2018-7752 [HIGH] CVE-2018-7752: gpac - GPAC through 0.7.1 has a Buffer Overflow in the gf_media_avc_read_sps function i...
GPAC through 0.7.1 has a Buffer Overflow in the gf_media_avc_read_sps function in media_tools/av_parsers.c, a different vulnerability than CVE-2018-1000100.
Scope: local
bullseye: resolved (fixed in 0.5.2-426-gc5ad4e4+dfsg5-4.1)
debian
CVE-2018-20763 | HIGH | CVSS 7.8 | fixed in gpac 0.5.2-426-gc5ad4e4+dfsg5-4.1 (bullseye) | 2018
CVE-2018-20763 [HIGH] CVE-2018-20763: gpac - In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in...
In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because of missing szLineConv bounds checking.
Scope: local
bullseye: resolved (fixed in 0.5.2-426-gc5ad4e4+dfsg5-4.1)
debian
CVE-2018-21015 | MEDIUM | CVSS 6.5 | fixed in gpac 1.0.1+dfsg1-2 (bullseye) | 2018
CVE-2018-21015 [MEDIUM] CVE-2018-21015: ccextractor - AVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1 allows remote attacker...
AVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. There is "cfg_new->AVCLevelIndication = cfg->AVCLevelIndication;" but cfg could be NULL.
Scope: local
bullseye: open
debian
CVE-2018-21016 | MEDIUM | CVSS 6.5 | fixed in gpac 1.0.1+dfsg1-2 (bullseye) | 2018
CVE-2018-21016 [MEDIUM] CVE-2018-21016: gpac - audio_sample_entry_AddBox() at isomedia/box_code_base.c in GPAC 0.7.1 allows rem...
audio_sample_entry_AddBox() at isomedia/box_code_base.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
Scope: local
bullseye: resolved (fixed in 1.0.1+dfsg1-2)
debian
CVE-2018-21017 | LOW | CVSS 6.5 | 2018
CVE-2018-21017 [MEDIUM] CVE-2018-21017: gpac - GPAC 0.7.1 has a memory leak in dinf_Read in isomedia/box_code_base.c.
GPAC 0.7.1 has a memory leak in dinf_Read in isomedia/box_code_base.c.
Scope: local
bullseye: resolved
debian
CVE-2018-1000100 | LOW | CVSS 7.8 | 2018
CVE-2018-1000100 [HIGH] CVE-2018-1000100: gpac - GPAC MP4Box version 0.7.1 and earlier contains a Buffer Overflow vulnerability i...
GPAC MP4Box version 0.7.1 and earlier contains a Buffer Overflow vulnerability in src/isomedia/avc_ext.c lines 2417 to 2420 that can result in Heap chunks being modified; this could lead to RCE. This attack appears to be exploitable via an attacker-supplied MP4 file that, when run by the victim, may result in RCE.
Scope: local
bullseye: resolved
debian