Gpac Security Vulnerabilities (CVEs)
Track 81 security vulnerabilities affecting Gpac products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This CVE describes a null pointer dereference vulnerability in GPAC's MP4Box tool that can cause application crashes. The vulnerability requires local...
Jan 26, 2026This CVE describes an out-of-bounds write vulnerability in GPAC's SRT subtitle import function. Attackers with local access can exploit this to potent...
Jan 26, 2026A null pointer dereference vulnerability exists in GPAC's DumpMovieInfo function, allowing local attackers to cause denial of service through applicat...
Jan 26, 2026A null pointer dereference vulnerability exists in GPAC multimedia framework versions up to 2.4.0. Attackers with local access can crash the applicati...
Jan 26, 2026A heap overflow vulnerability in GPAC's ghi_dmx_declare_opid_bin() function allows attackers to cause Denial of Service (DoS) through specially crafte...
Jan 15, 2026A heap overflow vulnerability in GPAC's uncv_parse_config() function allows attackers to cause Denial of Service (DoS) by providing a specially crafte...
Jan 15, 2026A heap overflow vulnerability in GPAC's AVI file parser allows attackers to cause denial of service by providing a specially crafted AVI file. This af...
Jan 15, 2026A stack overflow vulnerability in GPAC's dump_ttxt_sample function allows attackers to cause Denial of Service by sending specially crafted packets. T...
Jan 15, 2026An out-of-bounds read vulnerability in GPAC's GSF demuxer filter allows attackers to cause denial of service by processing a malicious .gsf file. This...
Jan 15, 2026A stack overflow vulnerability in GPAC's pcmreframe_flush_packet function allows attackers to cause denial of service by processing a specially crafte...
Jan 15, 2026A heap overflow vulnerability in GPAC's vorbis_to_intern() function allows attackers to cause Denial of Service (DoS) by processing a malicious .ogg f...
Jan 15, 2026CVE-2025-70298 is an out-of-bounds read vulnerability in GPAC's OGG demuxer that could allow attackers to read sensitive memory contents or cause appl...
Jan 15, 2026A buffer overflow vulnerability in GPAC's vobsub_get_subpic_duration() function allows attackers to cause denial of service by sending specially craft...
Jan 15, 2026A stack overflow vulnerability in GPAC's dmx_saf function allows attackers to cause Denial of Service (DoS) by providing a specially crafted .saf file...
Jan 15, 2026A null pointer dereference vulnerability in GPAC's DASH client allows remote attackers to cause denial of service by manipulating the base_init_url ar...
Jul 18, 2025A buffer overflow vulnerability in GPAC version 2.5 allows local attackers to execute arbitrary code on affected systems. This affects systems running...
Feb 28, 2025A heap-based buffer overflow vulnerability exists in GPAC v0.8.0's MP4Box tool when processing crafted MP4 files. This can cause denial of service (cr...
Jan 24, 2025This vulnerability is a heap buffer overflow in gpac's MP4Box tool that occurs when processing specially crafted MP4 files. Attackers could exploit th...
Jan 23, 2025This vulnerability in gpac's MP4Box tool is a NULL pointer dereference that causes a segmentation fault (SEGV) when processing specially crafted MP4 f...
Jan 23, 2025A use-after-free vulnerability in GPAC's gf_filterpacket_del function can cause double-free conditions leading to application crashes. This affects sy...
Nov 15, 2024This vulnerability in GPAC's MP4Box tool is a use-after-free flaw in the xmt_node_end function that could allow local attackers to crash the applicati...
Jun 17, 2024This vulnerability in GPAC multimedia framework allows attackers to write data beyond allocated memory boundaries when processing SWF files. It affect...
Mar 15, 2024A null pointer dereference vulnerability in gpac's DASH client component allows remote attackers to execute arbitrary code, cause denial of service, o...
Mar 9, 2024CVE-2024-24265 is a memory leak vulnerability in gpac v2.2.1 that occurs via the dst_props variable in the gf_filter_pid_merge_properties_internal fun...
Feb 5, 2024This vulnerability in GPAC multimedia framework allows memory exhaustion through a memory leak in the gf_fileio_from_blob function. Attackers could ca...
Feb 5, 2024A stack-based buffer overflow vulnerability in GPAC multimedia framework allows attackers to execute arbitrary code or cause denial of service by send...
Jan 8, 2024A heap buffer overflow vulnerability in GPAC's MP4Box allows attackers to execute arbitrary code or cause denial of service by exploiting the str2ulon...
Dec 9, 2023GPAC 2.3-DEV-rev617-g671976fcc-master contains memory leaks in the extract_attributes function when processing M3U8 files. This vulnerability allows a...
Nov 20, 2023CVE-2023-48011 is a heap-use-after-free vulnerability in GPAC's movie_fragments.c that allows attackers to execute arbitrary code or cause denial of s...
Nov 15, 2023This CVE describes a stack overflow vulnerability in GPAC's HEVC video parser that could allow remote code execution. Attackers could exploit this by ...
Nov 15, 2023CVE-2023-5998 is an out-of-bounds read vulnerability in the GPAC multimedia framework that could allow attackers to read sensitive memory contents. Th...
Nov 7, 2023This vulnerability is an out-of-bounds read in the GPAC multimedia framework that could allow attackers to read sensitive memory contents. It affects ...
Oct 4, 2023This vulnerability is an out-of-bounds read in the GPAC multimedia framework that could allow attackers to read sensitive memory contents. It affects ...
Jul 6, 2023A NULL pointer dereference vulnerability in GPAC multimedia framework allows attackers to cause denial of service (crash) by exploiting improper handl...
May 31, 2023This vulnerability is an out-of-bounds read in the GPAC multimedia framework that could allow attackers to read sensitive memory contents or cause den...
May 22, 2023A NULL pointer dereference vulnerability in GPAC multimedia framework allows attackers to cause denial of service (crash) or potentially execute arbit...
May 22, 2023This vulnerability in GPAC (Multimedia Framework) allows remote attackers to cause a denial of service via resource exhaustion. It affects systems run...
Mar 27, 2023A heap-based buffer overflow vulnerability in GPAC multimedia framework allows attackers to execute arbitrary code or cause denial of service by proce...
Mar 27, 2023This CVE describes a heap-based buffer overflow vulnerability in the GPAC multimedia framework. Attackers can exploit this to execute arbitrary code o...
Feb 13, 2023This CVE describes a stack-based buffer overflow vulnerability in GPAC multimedia framework versions prior to 2.2. Attackers can exploit this by craft...
Feb 9, 2023CVE-2022-2454 is an integer overflow vulnerability in the GPAC multimedia framework that could allow attackers to cause denial of service or potential...
Jul 19, 2022CVE-2022-1795 is a use-after-free vulnerability in GPAC multimedia framework that allows attackers to execute arbitrary code or cause denial of servic...
May 18, 2022CVE-2022-30976 is a heap-based buffer over-read vulnerability in GPAC's Unicode handling function. Attackers can exploit this by crafting malicious MP...
May 18, 2022This vulnerability in GPAC's BS_ReadByte() function causes a failed assertion leading to denial of service when processing malformed media files. It a...
May 5, 2022CVE-2022-1441 is a buffer overflow vulnerability in MP4Box (part of GPAC) that occurs when parsing malicious MP4 files. Attackers can exploit this to ...
Apr 25, 2022CVE-2022-24575 is a stack-based buffer overflow vulnerability in GPAC's MP4Box tool that allows attackers to execute arbitrary code or cause denial of...
Mar 14, 2022CVE-2022-26967 is a heap-based buffer overflow vulnerability in GPAC's gf_base64_encode function that can be triggered via MP4Box. This allows attacke...
Mar 12, 2022CVE-2021-40574 is a double-free vulnerability in Gpac's MP4Box binary that allows attackers to cause denial of service, execute arbitrary code, or esc...
Jan 13, 2022A double-free vulnerability in Gpac's MP4Box allows attackers to cause denial of service or potentially execute arbitrary code. This affects systems r...
Jan 13, 2022A buffer overflow vulnerability in Gpac's MP4 file parser allows attackers to execute arbitrary code or cause denial of service by providing a special...
Jan 13, 2022Why Monitor Gpac Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 81+ known vulnerabilities affecting Gpac products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Gpac packages in under 60 seconds. No agents required - completely agentless scanning that works across Gpac deployments.
Free vulnerability database: Access detailed information about every Gpac CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Gpac CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
