Search criteria
94 vulnerabilities found for gpac/gpac by gpac
CVE-2023-4679 (GCVE-0-2023-4679)
Vulnerability from cvelistv5 – Published: 2024-11-15 10:53 – Updated: 2024-11-15 19:12
VLAI?
Summary
A use after free vulnerability exists in GPAC version 2.3-DEV-revrelease, specifically in the gf_filterpacket_del function in filter_core/filter.c at line 38. This vulnerability can lead to a double-free condition, which may cause the application to crash.
Severity ?
5.9 (Medium)
CWE
- CWE-416 - Use After Free
Assigner
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:gpac:gpac:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3-DEV",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-4679",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T19:10:48.438721Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T19:12:15.195Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use after free vulnerability exists in GPAC version 2.3-DEV-revrelease, specifically in the gf_filterpacket_del function in filter_core/filter.c at line 38. This vulnerability can lead to a double-free condition, which may cause the application to crash."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T10:53:32.070Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/6f721ee7-8785-4c26-801e-f40fed3faaac"
},
{
"url": "https://github.com/gpac/gpac/commit/b68b3f0bf5c366e003221d78fd663a1d5514a876"
}
],
"source": {
"advisory": "6f721ee7-8785-4c26-801e-f40fed3faaac",
"discovery": "EXTERNAL"
},
"title": "Use After Free in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2023-4679",
"datePublished": "2024-11-15T10:53:32.070Z",
"dateReserved": "2023-08-31T15:49:10.614Z",
"dateUpdated": "2024-11-15T19:12:15.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0322 (GCVE-0-2024-0322)
Vulnerability from cvelistv5 – Published: 2024-01-08 12:38 – Updated: 2025-06-03 14:37
VLAI?
Summary
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.
Severity ?
4.4 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:04:48.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.com/bounties/87611fc9-ed7c-43e9-8e52-d83cd270bbec"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/092904b80edbc4dce315684a59cc3184c45c1b70"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0322",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T20:12:03.505158Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T14:37:57.761Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-08T12:38:35.128Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/87611fc9-ed7c-43e9-8e52-d83cd270bbec"
},
{
"url": "https://github.com/gpac/gpac/commit/092904b80edbc4dce315684a59cc3184c45c1b70"
}
],
"source": {
"advisory": "87611fc9-ed7c-43e9-8e52-d83cd270bbec",
"discovery": "EXTERNAL"
},
"title": "Out-of-bounds Read in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2024-0322",
"datePublished": "2024-01-08T12:38:35.128Z",
"dateReserved": "2024-01-08T12:38:05.505Z",
"dateUpdated": "2025-06-03T14:37:57.761Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0321 (GCVE-0-2024-0321)
Vulnerability from cvelistv5 – Published: 2024-01-08 12:10 – Updated: 2025-05-16 15:37
VLAI?
Summary
Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.
Severity ?
4 (Medium)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:04:49.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.com/bounties/4c027b94-8e9c-4c31-a169-893b25047769"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/d0ced41651b279bb054eb6390751e2d4eb84819a"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0321",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-16T15:37:01.802041Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-16T15:37:07.837Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-08T12:10:46.709Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/4c027b94-8e9c-4c31-a169-893b25047769"
},
{
"url": "https://github.com/gpac/gpac/commit/d0ced41651b279bb054eb6390751e2d4eb84819a"
}
],
"source": {
"advisory": "4c027b94-8e9c-4c31-a169-893b25047769",
"discovery": "EXTERNAL"
},
"title": "Stack-based Buffer Overflow in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2024-0321",
"datePublished": "2024-01-08T12:10:46.709Z",
"dateReserved": "2024-01-08T12:06:20.296Z",
"dateUpdated": "2025-05-16T15:37:07.837Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5998 (GCVE-0-2023-5998)
Vulnerability from cvelistv5 – Published: 2023-11-07 18:45 – Updated: 2024-09-04 15:21
VLAI?
Summary
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3.0-DEV.
Severity ?
4 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:14:25.195Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.com/bounties/ea02a231-b688-422b-a881-ef415bcf6113"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/db74835944548fc3bdf03121b0e012373bdebb3e"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5998",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T15:20:50.133584Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T15:21:07.265Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3.0-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3.0-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-07T18:45:03.305Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/ea02a231-b688-422b-a881-ef415bcf6113"
},
{
"url": "https://github.com/gpac/gpac/commit/db74835944548fc3bdf03121b0e012373bdebb3e"
}
],
"source": {
"advisory": "ea02a231-b688-422b-a881-ef415bcf6113",
"discovery": "EXTERNAL"
},
"title": "Out-of-bounds Read in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2023-5998",
"datePublished": "2023-11-07T18:45:03.305Z",
"dateReserved": "2023-11-07T18:44:47.880Z",
"dateUpdated": "2024-09-04T15:21:07.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5595 (GCVE-0-2023-5595)
Vulnerability from cvelistv5 – Published: 2023-10-16 08:25 – Updated: 2024-09-16 16:48
VLAI?
Summary
Denial of Service in GitHub repository gpac/gpac prior to 2.3.0-DEV.
Severity ?
5.1 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:07:32.266Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/0064cf76-ece1-495d-82b4-e4a1bebeb28e"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/7a6f636db3360bb16d18078d51e8c596f31302a1"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5595",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-16T16:47:35.286681Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-16T16:48:15.354Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3.0-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Denial of Service in GitHub repository gpac/gpac prior to 2.3.0-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-16T08:25:00.327Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/0064cf76-ece1-495d-82b4-e4a1bebeb28e"
},
{
"url": "https://github.com/gpac/gpac/commit/7a6f636db3360bb16d18078d51e8c596f31302a1"
}
],
"source": {
"advisory": "0064cf76-ece1-495d-82b4-e4a1bebeb28e",
"discovery": "EXTERNAL"
},
"title": "Denial of Service in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2023-5595",
"datePublished": "2023-10-16T08:25:00.327Z",
"dateReserved": "2023-10-16T08:24:48.287Z",
"dateUpdated": "2024-09-16T16:48:15.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5586 (GCVE-0-2023-5586)
Vulnerability from cvelistv5 – Published: 2023-10-15 00:28 – Updated: 2024-09-16 20:00
VLAI?
Summary
NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3.0-DEV.
Severity ?
4.4 (Medium)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:07:31.866Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/d2a6ea71-3555-47a6-9b18-35455d103740"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/ca1b48f0abe71bf81a58995d7d75dc27f5a17ddc"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5586",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-16T20:00:36.385989Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-16T20:00:46.418Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3.0-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3.0-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-15T00:28:09.002Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/d2a6ea71-3555-47a6-9b18-35455d103740"
},
{
"url": "https://github.com/gpac/gpac/commit/ca1b48f0abe71bf81a58995d7d75dc27f5a17ddc"
}
],
"source": {
"advisory": "d2a6ea71-3555-47a6-9b18-35455d103740",
"discovery": "EXTERNAL"
},
"title": "NULL Pointer Dereference in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2023-5586",
"datePublished": "2023-10-15T00:28:09.002Z",
"dateReserved": "2023-10-15T00:27:58.982Z",
"dateUpdated": "2024-09-16T20:00:46.418Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5520 (GCVE-0-2023-5520)
Vulnerability from cvelistv5 – Published: 2023-10-11 11:56 – Updated: 2024-09-18 15:46
VLAI?
Summary
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2.
Severity ?
4 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.854Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/681e42d0-18d4-4ebc-aba0-c5b0f77ac74a"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/5692dc729491805e0e5f55c21d50ba1e6b19e88e"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5520",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:11:19.786412Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:46:12.905Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.2.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-11T11:56:06.789Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/681e42d0-18d4-4ebc-aba0-c5b0f77ac74a"
},
{
"url": "https://github.com/gpac/gpac/commit/5692dc729491805e0e5f55c21d50ba1e6b19e88e"
}
],
"source": {
"advisory": "681e42d0-18d4-4ebc-aba0-c5b0f77ac74a",
"discovery": "EXTERNAL"
},
"title": "Out-of-bounds Read in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2023-5520",
"datePublished": "2023-10-11T11:56:06.789Z",
"dateReserved": "2023-10-11T11:55:58.015Z",
"dateUpdated": "2024-09-18T15:46:12.905Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5377 (GCVE-0-2023-5377)
Vulnerability from cvelistv5 – Published: 2023-10-04 09:53 – Updated: 2024-09-17 13:49
VLAI?
Summary
Out-of-bounds Read in GitHub repository gpac/gpac prior to v2.2.2-DEV.
Severity ?
5.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.346Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/fe778df4-3867-41d6-954b-211c81bccbbf"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/8e9d6b38c036a97020c462ad48e1132e0ddc57ce"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5377",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T13:47:37.672989Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-17T13:49:53.615Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "v2.2.2-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to v2.2.2-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-04T09:53:52.991Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/fe778df4-3867-41d6-954b-211c81bccbbf"
},
{
"url": "https://github.com/gpac/gpac/commit/8e9d6b38c036a97020c462ad48e1132e0ddc57ce"
}
],
"source": {
"advisory": "fe778df4-3867-41d6-954b-211c81bccbbf",
"discovery": "EXTERNAL"
},
"title": "Out-of-bounds Read in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2023-5377",
"datePublished": "2023-10-04T09:53:52.991Z",
"dateReserved": "2023-10-04T09:53:41.329Z",
"dateUpdated": "2024-09-17T13:49:53.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4778 (GCVE-0-2023-4778)
Vulnerability from cvelistv5 – Published: 2023-09-05 15:43 – Updated: 2024-09-27 13:31
VLAI?
Summary
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.
Severity ?
5.9 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:38:00.714Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/abb450fb-4ab2-49b0-90da-3d878eea5397"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/d553698050af478049e1a09e44a15ac884f223ed"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4778",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-27T13:31:49.902230Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T13:31:58.844Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-05T15:43:08.880Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/abb450fb-4ab2-49b0-90da-3d878eea5397"
},
{
"url": "https://github.com/gpac/gpac/commit/d553698050af478049e1a09e44a15ac884f223ed"
}
],
"source": {
"advisory": "abb450fb-4ab2-49b0-90da-3d878eea5397",
"discovery": "EXTERNAL"
},
"title": "Out-of-bounds Read in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2023-4778",
"datePublished": "2023-09-05T15:43:08.880Z",
"dateReserved": "2023-09-05T15:42:58.843Z",
"dateUpdated": "2024-09-27T13:31:58.844Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4758 (GCVE-0-2023-4758)
Vulnerability from cvelistv5 – Published: 2023-09-04 15:47 – Updated: 2024-09-19 15:33
VLAI?
Summary
Buffer Over-read in GitHub repository gpac/gpac prior to 2.3-DEV.
Severity ?
5.9 (Medium)
CWE
- CWE-126 - Buffer Over-read
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:37:59.640Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/2f496261-1090-45ac-bc89-cc93c82090d6"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/193633b1648582444fc99776cd741d7ba0125e86"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4758",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T15:31:53.953040Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T15:33:10.151Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer Over-read in GitHub repository gpac/gpac prior to 2.3-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126 Buffer Over-read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-04T15:47:36.284Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/2f496261-1090-45ac-bc89-cc93c82090d6"
},
{
"url": "https://github.com/gpac/gpac/commit/193633b1648582444fc99776cd741d7ba0125e86"
}
],
"source": {
"advisory": "2f496261-1090-45ac-bc89-cc93c82090d6",
"discovery": "EXTERNAL"
},
"title": "Buffer Over-read in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2023-4758",
"datePublished": "2023-09-04T15:47:36.284Z",
"dateReserved": "2023-09-04T15:47:26.521Z",
"dateUpdated": "2024-09-19T15:33:10.151Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4755 (GCVE-0-2023-4755)
Vulnerability from cvelistv5 – Published: 2023-09-04 13:46 – Updated: 2024-09-19 15:35
VLAI?
Summary
Use After Free in GitHub repository gpac/gpac prior to 2.3-DEV.
Severity ?
5.3 (Medium)
CWE
- CWE-416 - Use After Free
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:37:59.616Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/463474b7-a4e8-42b6-8b30-e648a77ee6b3"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/895ac12da168435eb8db3f96978ffa4c69d66c3a"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4755",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T15:31:56.089879Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T15:35:40.223Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use After Free in GitHub repository gpac/gpac prior to 2.3-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-04T13:46:46.060Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/463474b7-a4e8-42b6-8b30-e648a77ee6b3"
},
{
"url": "https://github.com/gpac/gpac/commit/895ac12da168435eb8db3f96978ffa4c69d66c3a"
}
],
"source": {
"advisory": "463474b7-a4e8-42b6-8b30-e648a77ee6b3",
"discovery": "EXTERNAL"
},
"title": "Use After Free in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2023-4755",
"datePublished": "2023-09-04T13:46:46.060Z",
"dateReserved": "2023-09-04T08:24:36.513Z",
"dateUpdated": "2024-09-19T15:35:40.223Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4756 (GCVE-0-2023-4756)
Vulnerability from cvelistv5 – Published: 2023-09-04 08:24 – Updated: 2024-09-19 15:35
VLAI?
Summary
Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.
Severity ?
5.9 (Medium)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:37:59.760Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/2342da0e-f097-4ce7-bfdc-3ec0ba446e05"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/6914d016e2b540bac2c471c4aea156ddef8e8e01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4756",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T15:31:54.983665Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T15:35:24.697Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-04T08:24:56.615Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/2342da0e-f097-4ce7-bfdc-3ec0ba446e05"
},
{
"url": "https://github.com/gpac/gpac/commit/6914d016e2b540bac2c471c4aea156ddef8e8e01"
}
],
"source": {
"advisory": "2342da0e-f097-4ce7-bfdc-3ec0ba446e05",
"discovery": "EXTERNAL"
},
"title": "Stack-based Buffer Overflow in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2023-4756",
"datePublished": "2023-09-04T08:24:56.615Z",
"dateReserved": "2023-09-04T08:24:51.810Z",
"dateUpdated": "2024-09-19T15:35:24.697Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4754 (GCVE-0-2023-4754)
Vulnerability from cvelistv5 – Published: 2023-09-04 08:24 – Updated: 2024-09-19 15:35
VLAI?
Summary
Out-of-bounds Write in GitHub repository gpac/gpac prior to 2.3-DEV.
Severity ?
5.3 (Medium)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:38:00.500Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/b7ed24ad-7d0b-40b7-8f4d-3c18a906620c"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/7e2e92feb1b30fac1d659f6620d743b5a188ffe0"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4754",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T15:31:57.113483Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T15:35:51.496Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Write in GitHub repository gpac/gpac prior to 2.3-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-04T08:24:38.003Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/b7ed24ad-7d0b-40b7-8f4d-3c18a906620c"
},
{
"url": "https://github.com/gpac/gpac/commit/7e2e92feb1b30fac1d659f6620d743b5a188ffe0"
}
],
"source": {
"advisory": "b7ed24ad-7d0b-40b7-8f4d-3c18a906620c",
"discovery": "EXTERNAL"
},
"title": "Out-of-bounds Write in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2023-4754",
"datePublished": "2023-09-04T08:24:38.003Z",
"dateReserved": "2023-09-04T08:24:26.796Z",
"dateUpdated": "2024-09-19T15:35:51.496Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4722 (GCVE-0-2023-4722)
Vulnerability from cvelistv5 – Published: 2023-09-01 15:27 – Updated: 2024-09-19 15:35
VLAI?
Summary
Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.3-DEV.
Severity ?
5.9 (Medium)
CWE
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:38:00.195Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/ddfdb41d-e708-4fec-afe5-68ff1f88f830"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/de7f3a852bef72a52825fd307cf4e8f486401a76"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4722",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T15:31:58.108346Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T15:35:59.542Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.3-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-01T15:27:41.694Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/ddfdb41d-e708-4fec-afe5-68ff1f88f830"
},
{
"url": "https://github.com/gpac/gpac/commit/de7f3a852bef72a52825fd307cf4e8f486401a76"
}
],
"source": {
"advisory": "ddfdb41d-e708-4fec-afe5-68ff1f88f830",
"discovery": "EXTERNAL"
},
"title": "Integer Overflow or Wraparound in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2023-4722",
"datePublished": "2023-09-01T15:27:41.694Z",
"dateReserved": "2023-09-01T15:27:34.847Z",
"dateUpdated": "2024-09-19T15:35:59.542Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4721 (GCVE-0-2023-4721)
Vulnerability from cvelistv5 – Published: 2023-09-01 15:27 – Updated: 2024-09-19 15:36
VLAI?
Summary
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.
Severity ?
5.9 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:37:59.651Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/f457dc62-3cff-47bd-8fd2-1cb2b4a832fc"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/3ec93d73d048ed7b46fe6e9f307cc7a0cc13db63"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4721",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T15:31:59.525183Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T15:36:08.879Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-01T15:27:41.287Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/f457dc62-3cff-47bd-8fd2-1cb2b4a832fc"
},
{
"url": "https://github.com/gpac/gpac/commit/3ec93d73d048ed7b46fe6e9f307cc7a0cc13db63"
}
],
"source": {
"advisory": "f457dc62-3cff-47bd-8fd2-1cb2b4a832fc",
"discovery": "EXTERNAL"
},
"title": "Out-of-bounds Read in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2023-4721",
"datePublished": "2023-09-01T15:27:41.287Z",
"dateReserved": "2023-09-01T15:27:32.101Z",
"dateUpdated": "2024-09-19T15:36:08.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4679 (GCVE-0-2023-4679)
Vulnerability from nvd – Published: 2024-11-15 10:53 – Updated: 2024-11-15 19:12
VLAI?
Summary
A use after free vulnerability exists in GPAC version 2.3-DEV-revrelease, specifically in the gf_filterpacket_del function in filter_core/filter.c at line 38. This vulnerability can lead to a double-free condition, which may cause the application to crash.
Severity ?
5.9 (Medium)
CWE
- CWE-416 - Use After Free
Assigner
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:gpac:gpac:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3-DEV",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-4679",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T19:10:48.438721Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T19:12:15.195Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use after free vulnerability exists in GPAC version 2.3-DEV-revrelease, specifically in the gf_filterpacket_del function in filter_core/filter.c at line 38. This vulnerability can lead to a double-free condition, which may cause the application to crash."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T10:53:32.070Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/6f721ee7-8785-4c26-801e-f40fed3faaac"
},
{
"url": "https://github.com/gpac/gpac/commit/b68b3f0bf5c366e003221d78fd663a1d5514a876"
}
],
"source": {
"advisory": "6f721ee7-8785-4c26-801e-f40fed3faaac",
"discovery": "EXTERNAL"
},
"title": "Use After Free in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2023-4679",
"datePublished": "2024-11-15T10:53:32.070Z",
"dateReserved": "2023-08-31T15:49:10.614Z",
"dateUpdated": "2024-11-15T19:12:15.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0322 (GCVE-0-2024-0322)
Vulnerability from nvd – Published: 2024-01-08 12:38 – Updated: 2025-06-03 14:37
VLAI?
Summary
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.
Severity ?
4.4 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:04:48.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.com/bounties/87611fc9-ed7c-43e9-8e52-d83cd270bbec"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/092904b80edbc4dce315684a59cc3184c45c1b70"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0322",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T20:12:03.505158Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T14:37:57.761Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-08T12:38:35.128Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/87611fc9-ed7c-43e9-8e52-d83cd270bbec"
},
{
"url": "https://github.com/gpac/gpac/commit/092904b80edbc4dce315684a59cc3184c45c1b70"
}
],
"source": {
"advisory": "87611fc9-ed7c-43e9-8e52-d83cd270bbec",
"discovery": "EXTERNAL"
},
"title": "Out-of-bounds Read in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2024-0322",
"datePublished": "2024-01-08T12:38:35.128Z",
"dateReserved": "2024-01-08T12:38:05.505Z",
"dateUpdated": "2025-06-03T14:37:57.761Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0321 (GCVE-0-2024-0321)
Vulnerability from nvd – Published: 2024-01-08 12:10 – Updated: 2025-05-16 15:37
VLAI?
Summary
Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.
Severity ?
4 (Medium)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:04:49.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.com/bounties/4c027b94-8e9c-4c31-a169-893b25047769"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/d0ced41651b279bb054eb6390751e2d4eb84819a"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0321",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-16T15:37:01.802041Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-16T15:37:07.837Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-08T12:10:46.709Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/4c027b94-8e9c-4c31-a169-893b25047769"
},
{
"url": "https://github.com/gpac/gpac/commit/d0ced41651b279bb054eb6390751e2d4eb84819a"
}
],
"source": {
"advisory": "4c027b94-8e9c-4c31-a169-893b25047769",
"discovery": "EXTERNAL"
},
"title": "Stack-based Buffer Overflow in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2024-0321",
"datePublished": "2024-01-08T12:10:46.709Z",
"dateReserved": "2024-01-08T12:06:20.296Z",
"dateUpdated": "2025-05-16T15:37:07.837Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5998 (GCVE-0-2023-5998)
Vulnerability from nvd – Published: 2023-11-07 18:45 – Updated: 2024-09-04 15:21
VLAI?
Summary
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3.0-DEV.
Severity ?
4 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:14:25.195Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.com/bounties/ea02a231-b688-422b-a881-ef415bcf6113"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/db74835944548fc3bdf03121b0e012373bdebb3e"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5998",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T15:20:50.133584Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T15:21:07.265Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3.0-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3.0-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-07T18:45:03.305Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/ea02a231-b688-422b-a881-ef415bcf6113"
},
{
"url": "https://github.com/gpac/gpac/commit/db74835944548fc3bdf03121b0e012373bdebb3e"
}
],
"source": {
"advisory": "ea02a231-b688-422b-a881-ef415bcf6113",
"discovery": "EXTERNAL"
},
"title": "Out-of-bounds Read in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2023-5998",
"datePublished": "2023-11-07T18:45:03.305Z",
"dateReserved": "2023-11-07T18:44:47.880Z",
"dateUpdated": "2024-09-04T15:21:07.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5595 (GCVE-0-2023-5595)
Vulnerability from nvd – Published: 2023-10-16 08:25 – Updated: 2024-09-16 16:48
VLAI?
Summary
Denial of Service in GitHub repository gpac/gpac prior to 2.3.0-DEV.
Severity ?
5.1 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:07:32.266Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/0064cf76-ece1-495d-82b4-e4a1bebeb28e"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/7a6f636db3360bb16d18078d51e8c596f31302a1"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5595",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-16T16:47:35.286681Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-16T16:48:15.354Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3.0-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Denial of Service in GitHub repository gpac/gpac prior to 2.3.0-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-16T08:25:00.327Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/0064cf76-ece1-495d-82b4-e4a1bebeb28e"
},
{
"url": "https://github.com/gpac/gpac/commit/7a6f636db3360bb16d18078d51e8c596f31302a1"
}
],
"source": {
"advisory": "0064cf76-ece1-495d-82b4-e4a1bebeb28e",
"discovery": "EXTERNAL"
},
"title": "Denial of Service in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2023-5595",
"datePublished": "2023-10-16T08:25:00.327Z",
"dateReserved": "2023-10-16T08:24:48.287Z",
"dateUpdated": "2024-09-16T16:48:15.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5586 (GCVE-0-2023-5586)
Vulnerability from nvd – Published: 2023-10-15 00:28 – Updated: 2024-09-16 20:00
VLAI?
Summary
NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3.0-DEV.
Severity ?
4.4 (Medium)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:07:31.866Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/d2a6ea71-3555-47a6-9b18-35455d103740"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/ca1b48f0abe71bf81a58995d7d75dc27f5a17ddc"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5586",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-16T20:00:36.385989Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-16T20:00:46.418Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3.0-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3.0-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-15T00:28:09.002Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/d2a6ea71-3555-47a6-9b18-35455d103740"
},
{
"url": "https://github.com/gpac/gpac/commit/ca1b48f0abe71bf81a58995d7d75dc27f5a17ddc"
}
],
"source": {
"advisory": "d2a6ea71-3555-47a6-9b18-35455d103740",
"discovery": "EXTERNAL"
},
"title": "NULL Pointer Dereference in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2023-5586",
"datePublished": "2023-10-15T00:28:09.002Z",
"dateReserved": "2023-10-15T00:27:58.982Z",
"dateUpdated": "2024-09-16T20:00:46.418Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5520 (GCVE-0-2023-5520)
Vulnerability from nvd – Published: 2023-10-11 11:56 – Updated: 2024-09-18 15:46
VLAI?
Summary
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2.
Severity ?
4 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.854Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/681e42d0-18d4-4ebc-aba0-c5b0f77ac74a"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/5692dc729491805e0e5f55c21d50ba1e6b19e88e"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5520",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:11:19.786412Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:46:12.905Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.2.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-11T11:56:06.789Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/681e42d0-18d4-4ebc-aba0-c5b0f77ac74a"
},
{
"url": "https://github.com/gpac/gpac/commit/5692dc729491805e0e5f55c21d50ba1e6b19e88e"
}
],
"source": {
"advisory": "681e42d0-18d4-4ebc-aba0-c5b0f77ac74a",
"discovery": "EXTERNAL"
},
"title": "Out-of-bounds Read in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2023-5520",
"datePublished": "2023-10-11T11:56:06.789Z",
"dateReserved": "2023-10-11T11:55:58.015Z",
"dateUpdated": "2024-09-18T15:46:12.905Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5377 (GCVE-0-2023-5377)
Vulnerability from nvd – Published: 2023-10-04 09:53 – Updated: 2024-09-17 13:49
VLAI?
Summary
Out-of-bounds Read in GitHub repository gpac/gpac prior to v2.2.2-DEV.
Severity ?
5.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.346Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/fe778df4-3867-41d6-954b-211c81bccbbf"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/8e9d6b38c036a97020c462ad48e1132e0ddc57ce"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5377",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T13:47:37.672989Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-17T13:49:53.615Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "v2.2.2-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to v2.2.2-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-04T09:53:52.991Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/fe778df4-3867-41d6-954b-211c81bccbbf"
},
{
"url": "https://github.com/gpac/gpac/commit/8e9d6b38c036a97020c462ad48e1132e0ddc57ce"
}
],
"source": {
"advisory": "fe778df4-3867-41d6-954b-211c81bccbbf",
"discovery": "EXTERNAL"
},
"title": "Out-of-bounds Read in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2023-5377",
"datePublished": "2023-10-04T09:53:52.991Z",
"dateReserved": "2023-10-04T09:53:41.329Z",
"dateUpdated": "2024-09-17T13:49:53.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4778 (GCVE-0-2023-4778)
Vulnerability from nvd – Published: 2023-09-05 15:43 – Updated: 2024-09-27 13:31
VLAI?
Summary
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.
Severity ?
5.9 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:38:00.714Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/abb450fb-4ab2-49b0-90da-3d878eea5397"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/d553698050af478049e1a09e44a15ac884f223ed"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4778",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-27T13:31:49.902230Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T13:31:58.844Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-05T15:43:08.880Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/abb450fb-4ab2-49b0-90da-3d878eea5397"
},
{
"url": "https://github.com/gpac/gpac/commit/d553698050af478049e1a09e44a15ac884f223ed"
}
],
"source": {
"advisory": "abb450fb-4ab2-49b0-90da-3d878eea5397",
"discovery": "EXTERNAL"
},
"title": "Out-of-bounds Read in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2023-4778",
"datePublished": "2023-09-05T15:43:08.880Z",
"dateReserved": "2023-09-05T15:42:58.843Z",
"dateUpdated": "2024-09-27T13:31:58.844Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4758 (GCVE-0-2023-4758)
Vulnerability from nvd – Published: 2023-09-04 15:47 – Updated: 2024-09-19 15:33
VLAI?
Summary
Buffer Over-read in GitHub repository gpac/gpac prior to 2.3-DEV.
Severity ?
5.9 (Medium)
CWE
- CWE-126 - Buffer Over-read
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:37:59.640Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/2f496261-1090-45ac-bc89-cc93c82090d6"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/193633b1648582444fc99776cd741d7ba0125e86"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4758",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T15:31:53.953040Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T15:33:10.151Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer Over-read in GitHub repository gpac/gpac prior to 2.3-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126 Buffer Over-read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-04T15:47:36.284Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/2f496261-1090-45ac-bc89-cc93c82090d6"
},
{
"url": "https://github.com/gpac/gpac/commit/193633b1648582444fc99776cd741d7ba0125e86"
}
],
"source": {
"advisory": "2f496261-1090-45ac-bc89-cc93c82090d6",
"discovery": "EXTERNAL"
},
"title": "Buffer Over-read in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2023-4758",
"datePublished": "2023-09-04T15:47:36.284Z",
"dateReserved": "2023-09-04T15:47:26.521Z",
"dateUpdated": "2024-09-19T15:33:10.151Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4755 (GCVE-0-2023-4755)
Vulnerability from nvd – Published: 2023-09-04 13:46 – Updated: 2024-09-19 15:35
VLAI?
Summary
Use After Free in GitHub repository gpac/gpac prior to 2.3-DEV.
Severity ?
5.3 (Medium)
CWE
- CWE-416 - Use After Free
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:37:59.616Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/463474b7-a4e8-42b6-8b30-e648a77ee6b3"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/895ac12da168435eb8db3f96978ffa4c69d66c3a"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4755",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T15:31:56.089879Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T15:35:40.223Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use After Free in GitHub repository gpac/gpac prior to 2.3-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-04T13:46:46.060Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/463474b7-a4e8-42b6-8b30-e648a77ee6b3"
},
{
"url": "https://github.com/gpac/gpac/commit/895ac12da168435eb8db3f96978ffa4c69d66c3a"
}
],
"source": {
"advisory": "463474b7-a4e8-42b6-8b30-e648a77ee6b3",
"discovery": "EXTERNAL"
},
"title": "Use After Free in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2023-4755",
"datePublished": "2023-09-04T13:46:46.060Z",
"dateReserved": "2023-09-04T08:24:36.513Z",
"dateUpdated": "2024-09-19T15:35:40.223Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4756 (GCVE-0-2023-4756)
Vulnerability from nvd – Published: 2023-09-04 08:24 – Updated: 2024-09-19 15:35
VLAI?
Summary
Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.
Severity ?
5.9 (Medium)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:37:59.760Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/2342da0e-f097-4ce7-bfdc-3ec0ba446e05"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/6914d016e2b540bac2c471c4aea156ddef8e8e01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4756",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T15:31:54.983665Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T15:35:24.697Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-04T08:24:56.615Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/2342da0e-f097-4ce7-bfdc-3ec0ba446e05"
},
{
"url": "https://github.com/gpac/gpac/commit/6914d016e2b540bac2c471c4aea156ddef8e8e01"
}
],
"source": {
"advisory": "2342da0e-f097-4ce7-bfdc-3ec0ba446e05",
"discovery": "EXTERNAL"
},
"title": "Stack-based Buffer Overflow in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2023-4756",
"datePublished": "2023-09-04T08:24:56.615Z",
"dateReserved": "2023-09-04T08:24:51.810Z",
"dateUpdated": "2024-09-19T15:35:24.697Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4754 (GCVE-0-2023-4754)
Vulnerability from nvd – Published: 2023-09-04 08:24 – Updated: 2024-09-19 15:35
VLAI?
Summary
Out-of-bounds Write in GitHub repository gpac/gpac prior to 2.3-DEV.
Severity ?
5.3 (Medium)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:38:00.500Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/b7ed24ad-7d0b-40b7-8f4d-3c18a906620c"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/7e2e92feb1b30fac1d659f6620d743b5a188ffe0"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4754",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T15:31:57.113483Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T15:35:51.496Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Write in GitHub repository gpac/gpac prior to 2.3-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-04T08:24:38.003Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/b7ed24ad-7d0b-40b7-8f4d-3c18a906620c"
},
{
"url": "https://github.com/gpac/gpac/commit/7e2e92feb1b30fac1d659f6620d743b5a188ffe0"
}
],
"source": {
"advisory": "b7ed24ad-7d0b-40b7-8f4d-3c18a906620c",
"discovery": "EXTERNAL"
},
"title": "Out-of-bounds Write in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2023-4754",
"datePublished": "2023-09-04T08:24:38.003Z",
"dateReserved": "2023-09-04T08:24:26.796Z",
"dateUpdated": "2024-09-19T15:35:51.496Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4722 (GCVE-0-2023-4722)
Vulnerability from nvd – Published: 2023-09-01 15:27 – Updated: 2024-09-19 15:35
VLAI?
Summary
Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.3-DEV.
Severity ?
5.9 (Medium)
CWE
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:38:00.195Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/ddfdb41d-e708-4fec-afe5-68ff1f88f830"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/de7f3a852bef72a52825fd307cf4e8f486401a76"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4722",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T15:31:58.108346Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T15:35:59.542Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.3-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-01T15:27:41.694Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/ddfdb41d-e708-4fec-afe5-68ff1f88f830"
},
{
"url": "https://github.com/gpac/gpac/commit/de7f3a852bef72a52825fd307cf4e8f486401a76"
}
],
"source": {
"advisory": "ddfdb41d-e708-4fec-afe5-68ff1f88f830",
"discovery": "EXTERNAL"
},
"title": "Integer Overflow or Wraparound in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2023-4722",
"datePublished": "2023-09-01T15:27:41.694Z",
"dateReserved": "2023-09-01T15:27:34.847Z",
"dateUpdated": "2024-09-19T15:35:59.542Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4721 (GCVE-0-2023-4721)
Vulnerability from nvd – Published: 2023-09-01 15:27 – Updated: 2024-09-19 15:36
VLAI?
Summary
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.
Severity ?
5.9 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:37:59.651Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/f457dc62-3cff-47bd-8fd2-1cb2b4a832fc"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gpac/gpac/commit/3ec93d73d048ed7b46fe6e9f307cc7a0cc13db63"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4721",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T15:31:59.525183Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T15:36:08.879Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gpac/gpac",
"vendor": "gpac",
"versions": [
{
"lessThan": "2.3-DEV",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-01T15:27:41.287Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/f457dc62-3cff-47bd-8fd2-1cb2b4a832fc"
},
{
"url": "https://github.com/gpac/gpac/commit/3ec93d73d048ed7b46fe6e9f307cc7a0cc13db63"
}
],
"source": {
"advisory": "f457dc62-3cff-47bd-8fd2-1cb2b4a832fc",
"discovery": "EXTERNAL"
},
"title": "Out-of-bounds Read in gpac/gpac"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2023-4721",
"datePublished": "2023-09-01T15:27:41.287Z",
"dateReserved": "2023-09-01T15:27:32.101Z",
"dateUpdated": "2024-09-19T15:36:08.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}