CVE-2021-30199
- EPSS 0.87%
- Veröffentlicht 19.04.2021 20:15:14
- Zuletzt bearbeitet 21.11.2024 06:03:30
In filters/reframe_latm.c in GPAC 1.0.1 there is a Null Pointer Dereference, when gf_filter_pck_get_data is called. The first arg pck may be null with a crafted mp4 file,which results in a crash.
CVE-2021-31254
- EPSS 1.45%
- Veröffentlicht 19.04.2021 19:15:18
- Zuletzt bearbeitet 21.11.2024 06:05:22
Buffer overflow in the tenc_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file, related invalid IV sizes.
CVE-2021-31255
- EPSS 1.46%
- Veröffentlicht 19.04.2021 19:15:18
- Zuletzt bearbeitet 21.11.2024 06:05:22
Buffer overflow in the abst_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.
CVE-2021-31256
- EPSS 1.06%
- Veröffentlicht 19.04.2021 19:15:18
- Zuletzt bearbeitet 21.11.2024 06:05:22
Memory leak in the stbl_GetSampleInfos function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.
CVE-2021-31257
- EPSS 0.87%
- Veröffentlicht 19.04.2021 19:15:18
- Zuletzt bearbeitet 21.11.2024 06:05:22
The HintFile function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVE-2021-31258
- EPSS 0.87%
- Veröffentlicht 19.04.2021 19:15:18
- Zuletzt bearbeitet 21.11.2024 06:05:23
The gf_isom_set_extraction_slc function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVE-2021-31259
- EPSS 0.9%
- Veröffentlicht 19.04.2021 19:15:18
- Zuletzt bearbeitet 21.11.2024 06:05:23
The gf_isom_cenc_get_default_info_internal function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVE-2021-31260
- EPSS 0.87%
- Veröffentlicht 19.04.2021 19:15:18
- Zuletzt bearbeitet 21.11.2024 06:05:23
The MergeTrack function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVE-2021-31261
- EPSS 1.06%
- Veröffentlicht 19.04.2021 19:15:18
- Zuletzt bearbeitet 21.11.2024 06:05:23
The gf_hinter_track_new function in GPAC 1.0.1 allows attackers to read memory via a crafted file in the MP4Box command.
CVE-2021-31262
- EPSS 0.87%
- Veröffentlicht 19.04.2021 19:15:18
- Zuletzt bearbeitet 21.11.2024 06:05:23
The AV1_DuplicateConfig function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.