AVG-1856 log

Package gpac
Status Fixed
Severity Medium
Type multiple issues
Affected 1:1.0.0-1
Fixed 1:1.0.1-1
Current 1:2.2.1-2 [extra]
Ticket None
Created Wed Apr 21 19:30:19 2021
Issue Severity Remote Type Description
CVE-2021-32271 Medium Yes Arbitrary code execution
An issue was discovered in gpac through 20200801. A stack-buffer- overflow exists in the function DumpRawUIConfig located in odf_dump.c. It allows an...
CVE-2021-32270 Low Yes Denial of service
An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function vwid_box_del located in box_code_base.c. It allows an...
CVE-2021-32269 Low Yes Denial of service
An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function ilst_item_box_dump located in box_dump.c. It allows an...
CVE-2021-32268 Medium Yes Arbitrary code execution
A buffer overflow vulnerability in function gf_fprintf in os_file.c in gpac through 20200801 allows attackers to execute arbitrary code.
CVE-2020-23932 Low Yes Denial of service
An issue was discovered in gpac before 1.0.1. A NULL pointer dereference exists in the function dump_isom_sdp located in filedump.c. It allows an attacker...
CVE-2020-23931 Medium Yes Information disclosure
An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read.
CVE-2020-23930 Low Yes Denial of service
An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function nhmldump_send_header located in write_nhml.c. It allows...
CVE-2020-23928 Medium Yes Information disclosure
An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read.