Log

CVE-2021-32440 edited at 11 Aug 2021 21:32:48
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Denial of service
Description
+ The Media_RewriteODFrame function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
References
+ https://github.com/gpac/gpac/issues/1772
+ https://github.com/gpac/gpac/commit/f0ba83717b6e4d7a15a1676d1fe06152e199b011
CVE-2021-32439 edited at 11 Aug 2021 21:32:09
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Arbitrary code execution
Description
+ A buffer overflow in the stbl_AppendSize function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.
References
+ https://github.com/gpac/gpac/issues/1774
+ https://github.com/gpac/gpac/commit/77ed81c069e10b3861d88f72e1c6be1277ee7eae
CVE-2021-32438 edited at 11 Aug 2021 21:31:30
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Denial of service
Description
+ The gf_media_export_filters function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
References
+ https://github.com/gpac/gpac/issues/1769
+ https://github.com/gpac/gpac/commit/00194f5fe462123f70b0bae7987317b52898b868
CVE-2021-32437 edited at 11 Aug 2021 21:30:54
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Denial of service
Description
+ The gf_hinter_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
References
+ https://github.com/gpac/gpac/issues/1770
+ https://github.com/gpac/gpac/commit/1653f31cf874eb6df964bea88d58d8e9b98b485e
AVG-1823 edited at 11 Aug 2021 21:30:08
Issues
CVE-2020-35979
CVE-2020-35980
CVE-2020-35981
CVE-2020-35982
CVE-2021-28300
CVE-2021-29279
CVE-2021-30014
CVE-2021-30015
CVE-2021-30019
CVE-2021-30020
CVE-2021-30022
CVE-2021-30199
CVE-2021-31254
CVE-2021-31255
CVE-2021-31256
CVE-2021-31257
CVE-2021-31258
CVE-2021-31259
CVE-2021-31260
CVE-2021-31261
CVE-2021-31262
+ CVE-2021-32437
+ CVE-2021-32438
+ CVE-2021-32439
+ CVE-2021-32440
CVE-2021-36584
CVE-2021-32438 created at 11 Aug 2021 21:30:08
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes
AVG-1823 edited at 11 Aug 2021 21:30:08
Issues
CVE-2020-35979
CVE-2020-35980
CVE-2020-35981
CVE-2020-35982
CVE-2021-28300
CVE-2021-29279
CVE-2021-30014
CVE-2021-30015
CVE-2021-30019
CVE-2021-30020
CVE-2021-30022
CVE-2021-30199
CVE-2021-31254
CVE-2021-31255
CVE-2021-31256
CVE-2021-31257
CVE-2021-31258
CVE-2021-31259
CVE-2021-31260
CVE-2021-31261
CVE-2021-31262
+ CVE-2021-32437
+ CVE-2021-32438
+ CVE-2021-32439
+ CVE-2021-32440
CVE-2021-36584
CVE-2021-32439 created at 11 Aug 2021 21:30:08
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes
AVG-1823 edited at 11 Aug 2021 21:30:08
Issues
CVE-2020-35979
CVE-2020-35980
CVE-2020-35981
CVE-2020-35982
CVE-2021-28300
CVE-2021-29279
CVE-2021-30014
CVE-2021-30015
CVE-2021-30019
CVE-2021-30020
CVE-2021-30022
CVE-2021-30199
CVE-2021-31254
CVE-2021-31255
CVE-2021-31256
CVE-2021-31257
CVE-2021-31258
CVE-2021-31259
CVE-2021-31260
CVE-2021-31261
CVE-2021-31262
+ CVE-2021-32437
+ CVE-2021-32438
+ CVE-2021-32439
+ CVE-2021-32440
CVE-2021-36584
CVE-2021-32440 created at 11 Aug 2021 21:30:08
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes
AVG-1823 edited at 11 Aug 2021 21:30:08
Issues
CVE-2020-35979
CVE-2020-35980
CVE-2020-35981
CVE-2020-35982
CVE-2021-28300
CVE-2021-29279
CVE-2021-30014
CVE-2021-30015
CVE-2021-30019
CVE-2021-30020
CVE-2021-30022
CVE-2021-30199
CVE-2021-31254
CVE-2021-31255
CVE-2021-31256
CVE-2021-31257
CVE-2021-31258
CVE-2021-31259
CVE-2021-31260
CVE-2021-31261
CVE-2021-31262
+ CVE-2021-32437
+ CVE-2021-32438
+ CVE-2021-32439
+ CVE-2021-32440
CVE-2021-36584
CVE-2021-32437 created at 11 Aug 2021 21:30:08
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes
AVG-2280 edited at 11 Aug 2021 21:17:43
Severity
- Unknown
+ Medium
CVE-2021-20314 edited at 11 Aug 2021 21:17:43
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Arbitrary code execution
Description
+ A stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to denial of service and potentially code execution via malicious crafted SPF explanation messages.
References
+ https://www.openwall.com/lists/oss-security/2021/08/11/6
+ https://github.com/shevek/libspf2/commit/c37b7c13c30e225183899364b9f2efdfa85552ef
Notes
AVG-2280 created at 11 Aug 2021 21:15:43
Packages
+ libspf2
Issues
+ CVE-2021-20314
Status
+ Vulnerable
Severity
+ Unknown
Affected
+ 1.2.10-5
Fixed
Ticket
Advisory qualified
+ Yes
References
Notes
CVE-2021-20314 created at 11 Aug 2021 21:15:43