CVE-2025-55645
- EPSS 0.24%
- Veröffentlicht 15.06.2026 00:00:00
- Zuletzt bearbeitet 16.06.2026 17:38:05
A heap buffer overflow in the gf_cenc_set_pssh function (isomedia/drm_sample.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
CVE-2025-55647
- EPSS 0.19%
- Veröffentlicht 15.06.2026 00:00:00
- Zuletzt bearbeitet 16.06.2026 17:38:33
An Out-of-Memory in the mp4_mux_cenc_insert_pssh function (filters/mux_isom.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
CVE-2025-55648
- EPSS 0.24%
- Veröffentlicht 15.06.2026 00:00:00
- Zuletzt bearbeitet 16.06.2026 17:39:28
A heap buffer overflow in the gf_opus_parse_packet_header function (media_tools/av_parsers.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
CVE-2025-55649
- EPSS 0.19%
- Veröffentlicht 15.06.2026 00:00:00
- Zuletzt bearbeitet 16.06.2026 17:39:38
A NULL pointer dereference in the gf_media_map_esd function (media_tools/isom_tools.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
CVE-2025-55650
- EPSS 0.19%
- Veröffentlicht 15.06.2026 00:00:00
- Zuletzt bearbeitet 16.06.2026 17:39:49
A heap use-after-free in the gf_node_get_tag function (scenegraph/base_scenegraph.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
CVE-2025-52292
- EPSS 0.5%
- Veröffentlicht 09.06.2026 00:00:00
- Zuletzt bearbeitet 14.06.2026 00:16:18
A stack buffer overflow in the filein_process function (in_file.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
CVE-2025-52293
- EPSS 0.47%
- Veröffentlicht 09.06.2026 00:00:00
- Zuletzt bearbeitet 14.06.2026 00:16:19
A segmentation violaton in the gf_hevc_read_sps_bs_internal function (media_tools/av_parsers.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying crafted HEVC SPS data.
CVE-2025-55651
- EPSS 0.19%
- Veröffentlicht 09.06.2026 00:00:00
- Zuletzt bearbeitet 14.06.2026 00:16:19
A NULL pointer dereference in the gf_isom_get_user_data_count function (isomedia/isom_read.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
CVE-2025-55657
- EPSS 0.47%
- Veröffentlicht 09.06.2026 00:00:00
- Zuletzt bearbeitet 14.06.2026 00:16:19
A NULL pointer dereference in the gf_odf_vvc_cfg_write_bs function (odf/descriptors.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
CVE-2025-55658
- EPSS 0.3%
- Veröffentlicht 09.06.2026 00:00:00
- Zuletzt bearbeitet 12.06.2026 16:46:17
GPAC MP4Box v2.4 was discovered to contain a floating point exception in the gf_opus_parse_packet_header function (media_tools/av_parsers.c). bThis vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.