📦 Gpac
by Gpac
🔍 What is Gpac?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
A null pointer dereference vulnerability in gpac's DASH client component allows remote attackers to execute arbitrary code, cause denial of service, or access sensitive information. This affects syste...
A stack-based buffer overflow vulnerability in GPAC multimedia framework allows attackers to execute arbitrary code or cause denial of service by sending specially crafted media files. This affects al...
A heap buffer overflow vulnerability in GPAC's MP4Box allows attackers to execute arbitrary code or cause denial of service by exploiting the str2ulong class in avilib.c. This affects users of GPAC ve...
This vulnerability is an out-of-bounds read in the GPAC multimedia framework that could allow attackers to read sensitive memory contents or cause denial of service. It affects systems running GPAC ve...
A NULL pointer dereference vulnerability in GPAC multimedia framework allows attackers to cause denial of service (crash) or potentially execute arbitrary code by processing specially crafted media fi...
CVE-2022-1795 is a use-after-free vulnerability in GPAC multimedia framework that allows attackers to execute arbitrary code or cause denial of service. This affects systems running vulnerable version...
CVE-2020-19751 is a heap-based buffer over-read vulnerability in gpac's gf_odf_del_ipmp_tool function that could allow attackers to read sensitive memory contents or cause denial of service. This affe...
This vulnerability allows attackers to execute arbitrary code or cause denial-of-service by exploiting a NULL pointer dereference in GPAC's MP4 file parser. Attackers can trigger this by uploading a m...
A stack overflow vulnerability in GPAC's dump_ttxt_sample function allows attackers to cause Denial of Service by sending specially crafted packets. This affects systems running vulnerable versions of...
An out-of-bounds read vulnerability in GPAC's GSF demuxer filter allows attackers to cause denial of service by processing a malicious .gsf file. This affects systems running GPAC v2.4.0 that process ...
CVE-2025-70298 is an out-of-bounds read vulnerability in GPAC's OGG demuxer that could allow attackers to read sensitive memory contents or cause application crashes. This affects systems running GPAC...
A buffer overflow vulnerability in GPAC's vobsub_get_subpic_duration() function allows attackers to cause denial of service by sending specially crafted packets. This affects systems running GPAC v2.4...
A buffer overflow vulnerability in GPAC version 2.5 allows local attackers to execute arbitrary code on affected systems. This affects systems running GPAC 2.5 where an attacker has local access. The ...
This vulnerability is a heap buffer overflow in gpac's MP4Box tool that occurs when processing specially crafted MP4 files. Attackers could exploit this to execute arbitrary code or cause denial of se...
This vulnerability in GPAC multimedia framework allows attackers to write data beyond allocated memory boundaries when processing SWF files. It affects systems running vulnerable versions of GPAC that...
CVE-2024-24265 is a memory leak vulnerability in gpac v2.2.1 that occurs via the dst_props variable in the gf_filter_pid_merge_properties_internal function. This vulnerability could allow attackers to...
This vulnerability in GPAC multimedia framework allows memory exhaustion through a memory leak in the gf_fileio_from_blob function. Attackers could cause denial of service by repeatedly triggering the...
GPAC 2.3-DEV-rev617-g671976fcc-master contains memory leaks in the extract_attributes function when processing M3U8 files. This vulnerability allows attackers to cause denial of service through resour...
CVE-2023-48011 is a heap-use-after-free vulnerability in GPAC's movie_fragments.c that allows attackers to execute arbitrary code or cause denial of service by processing specially crafted media files...
This CVE describes a stack overflow vulnerability in GPAC's HEVC video parser that could allow remote code execution. Attackers could exploit this by crafting malicious HEVC video files. Users and app...
CVE-2023-5998 is an out-of-bounds read vulnerability in the GPAC multimedia framework that could allow attackers to read sensitive memory contents. This affects users and applications running GPAC ver...
This vulnerability is an out-of-bounds read in the GPAC multimedia framework that could allow attackers to read sensitive memory contents. It affects users of GPAC versions prior to v2.2.2-DEV who pro...
This vulnerability is an out-of-bounds read in the GPAC multimedia framework that could allow attackers to read sensitive memory contents. It affects users of GPAC versions prior to 2.2.2 who process ...
A NULL pointer dereference vulnerability in GPAC multimedia framework allows attackers to cause denial of service (crash) by exploiting improper handling of certain media files. This affects all syste...
This vulnerability in GPAC (Multimedia Framework) allows remote attackers to cause a denial of service via resource exhaustion. It affects systems running GPAC versions prior to 2.4.0, particularly th...
A heap-based buffer overflow vulnerability in GPAC multimedia framework allows attackers to execute arbitrary code or cause denial of service by processing specially crafted media files. This affects ...
This CVE describes a heap-based buffer overflow vulnerability in the GPAC multimedia framework. Attackers can exploit this to execute arbitrary code or cause denial of service by sending specially cra...
This CVE describes a stack-based buffer overflow vulnerability in GPAC multimedia framework versions prior to 2.2. Attackers can exploit this by crafting malicious media files to execute arbitrary cod...
CVE-2022-2454 is an integer overflow vulnerability in the GPAC multimedia framework that could allow attackers to cause denial of service or potentially execute arbitrary code. This affects users and ...
CVE-2022-30976 is a heap-based buffer over-read vulnerability in GPAC's Unicode handling function. Attackers can exploit this by crafting malicious MP4 files to cause memory corruption, potentially le...
This vulnerability in GPAC's BS_ReadByte() function causes a failed assertion leading to denial of service when processing malformed media files. It affects systems running vulnerable versions of GPAC...
CVE-2022-1441 is a buffer overflow vulnerability in MP4Box (part of GPAC) that occurs when parsing malicious MP4 files. Attackers can exploit this to execute arbitrary code or cause denial of service....
CVE-2022-24575 is a stack-based buffer overflow vulnerability in GPAC's MP4Box tool that allows attackers to execute arbitrary code or cause denial of service. This affects users who process untrusted...
CVE-2022-26967 is a heap-based buffer overflow vulnerability in GPAC's gf_base64_encode function that can be triggered via MP4Box. This allows attackers to execute arbitrary code or cause denial of se...
CVE-2021-40574 is a double-free vulnerability in Gpac's MP4Box binary that allows attackers to cause denial of service, execute arbitrary code, or escalate privileges. This affects users processing ma...
A double-free vulnerability in Gpac's MP4Box allows attackers to cause denial of service or potentially execute arbitrary code. This affects systems running vulnerable versions of Gpac that process ma...
A buffer overflow vulnerability in Gpac's MP4 file parser allows attackers to execute arbitrary code or cause denial of service by providing a specially crafted MP4 file. This affects all systems runn...
A heap-based buffer overflow vulnerability in GPAC's MP4Box tool allows attackers to execute arbitrary code or cause denial of service by processing a specially crafted MP4 file. This affects systems ...
A null pointer dereference vulnerability in gpac 1.1.0 allows attackers to cause a segmentation fault and crash the application by exploiting the lsr_read_anim_values_ex function. This affects systems...
This vulnerability in GPAC 0.8.0 allows attackers to cause a heap-based buffer overflow by processing a specially crafted media file. This can lead to denial of service (crashing the application) and ...
This vulnerability is a stack buffer overflow in GPAC's DumpRawUIConfig function that allows remote code execution when processing malicious files. Attackers can exploit this by tricking users into op...
This buffer overflow vulnerability in GPAC's gf_fprintf function allows attackers to execute arbitrary code by exploiting improper bounds checking. It affects all systems running GPAC versions before ...
This vulnerability is a heap buffer overflow in GPAC's MP4Box tool that allows attackers to cause denial of service or execute arbitrary code by providing a specially crafted MP4 file. It affects syst...
This integer overflow vulnerability in GPAC's MPEG-4 decoder allows heap-based buffer overflow via specially crafted video files. Attackers can achieve remote code execution by tricking users into ope...
This vulnerability allows remote code execution through a specially crafted MPEG-4 video file. Attackers can exploit an integer overflow in GPAC's MPEG-4 decoder to cause heap corruption and execute a...
An integer overflow vulnerability in GPAC's MPEG-4 decoder allows heap-based buffer overflow via specially crafted video files. Attackers can exploit this by tricking users into opening malicious vide...
This vulnerability allows remote code execution through a specially crafted MPEG-4 video file. Attackers can exploit it by tricking users into opening malicious videos, potentially taking full control...
This vulnerability allows remote code execution through integer truncation in GPAC's MPEG-4 decoder. Attackers can exploit it by tricking users into opening malicious video files. Systems using GPAC v...
This CVE describes an out-of-bounds write vulnerability in GPAC's SRT subtitle import function. Attackers with local access can exploit this to potentially execute arbitrary code or crash the applicat...
A heap overflow vulnerability in GPAC's ghi_dmx_declare_opid_bin() function allows attackers to cause Denial of Service (DoS) through specially crafted input. This affects systems running GPAC v2.4.0 ...
A heap overflow vulnerability in GPAC's uncv_parse_config() function allows attackers to cause Denial of Service (DoS) by providing a specially crafted MP4 file. This affects GPAC v2.4.0 users who pro...
A heap overflow vulnerability in GPAC's AVI file parser allows attackers to cause denial of service by providing a specially crafted AVI file. This affects systems running GPAC v2.4.0 that process unt...
A stack overflow vulnerability in GPAC's pcmreframe_flush_packet function allows attackers to cause denial of service by processing a specially crafted WAV file. This affects systems running GPAC v2.4...
A heap overflow vulnerability in GPAC's vorbis_to_intern() function allows attackers to cause Denial of Service (DoS) by processing a malicious .ogg file. This affects systems running GPAC v2.4.0 for ...
A stack overflow vulnerability in GPAC's dmx_saf function allows attackers to cause Denial of Service (DoS) by providing a specially crafted .saf file. This affects systems running GPAC v2.4.0 that pr...
A null pointer dereference vulnerability in GPAC's DASH client allows remote attackers to cause denial of service by manipulating the base_init_url argument. This affects GPAC multimedia framework use...
A heap-based buffer overflow vulnerability exists in GPAC v0.8.0's MP4Box tool when processing crafted MP4 files. This can cause denial of service (crash) and potentially allow arbitrary code executio...
This vulnerability in gpac's MP4Box tool is a NULL pointer dereference that causes a segmentation fault (SEGV) when processing specially crafted MP4 files with DRM encryption. It affects users who pro...
A use-after-free vulnerability in GPAC's gf_filterpacket_del function can cause double-free conditions leading to application crashes. This affects systems running GPAC version 2.3-DEV-revrelease when...
This vulnerability in GPAC's MP4Box tool is a use-after-free flaw in the xmt_node_end function that could allow local attackers to crash the application or potentially execute arbitrary code. It affec...
This CVE describes a null pointer dereference vulnerability in GPAC's MP4Box tool that can cause application crashes. The vulnerability requires local access to exploit and affects GPAC versions up to...
A null pointer dereference vulnerability exists in GPAC's DumpMovieInfo function, allowing local attackers to cause denial of service through application crashes. This affects GPAC versions up to 2.4....
A null pointer dereference vulnerability exists in GPAC multimedia framework versions up to 2.4.0. Attackers with local access can crash the application by manipulating the Name argument in the gf_med...