Search

Find a vulnerability

Search criteria

    94 vulnerabilities found for gpac/gpac by gpac

    CVE-2023-4679 (GCVE-0-2023-4679)

    Vulnerability from nvd – Published: 2024-11-15 10:53 – Updated: 2024-11-15 19:12
    VLAI
    Title
    Use After Free in gpac/gpac
    Summary
    A use after free vulnerability exists in GPAC version 2.3-DEV-revrelease, specifically in the gf_filterpacket_del function in filter_core/filter.c at line 38. This vulnerability can lead to a double-free condition, which may cause the application to crash.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3-DEV (custom)
    Create a notification for this product.
    gpac gpac Affected: 0 , < 2.3-DEV (custom)
        cpe:2.3:a:gpac:gpac:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:gpac:gpac:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "gpac",
                "vendor": "gpac",
                "versions": [
                  {
                    "lessThan": "2.3-DEV",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "LOW",
                  "baseScore": 5.9,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4679",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-15T19:10:48.438721Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-15T19:12:15.195Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A use after free vulnerability exists in GPAC version 2.3-DEV-revrelease, specifically in the gf_filterpacket_del function in filter_core/filter.c at line 38. This vulnerability can lead to a double-free condition, which may cause the application to crash."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416 Use After Free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-15T10:53:32.070Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntr_ai"
          },
          "references": [
            {
              "url": "https://huntr.com/bounties/6f721ee7-8785-4c26-801e-f40fed3faaac"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/b68b3f0bf5c366e003221d78fd663a1d5514a876"
            }
          ],
          "source": {
            "advisory": "6f721ee7-8785-4c26-801e-f40fed3faaac",
            "discovery": "EXTERNAL"
          },
          "title": "Use After Free in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntr_ai",
        "cveId": "CVE-2023-4679",
        "datePublished": "2024-11-15T10:53:32.070Z",
        "dateReserved": "2023-08-31T15:49:10.614Z",
        "dateUpdated": "2024-11-15T19:12:15.195Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-0322 (GCVE-0-2024-0322)

    Vulnerability from nvd – Published: 2024-01-08 12:38 – Updated: 2025-06-03 14:37
    VLAI
    Title
    Out-of-bounds Read in gpac/gpac
    Summary
    Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T18:04:48.965Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.com/bounties/87611fc9-ed7c-43e9-8e52-d83cd270bbec"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/092904b80edbc4dce315684a59cc3184c45c1b70"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-0322",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T20:12:03.505158Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-03T14:37:57.761Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 4.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125 Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-08T12:38:35.128Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntr_ai"
          },
          "references": [
            {
              "url": "https://huntr.com/bounties/87611fc9-ed7c-43e9-8e52-d83cd270bbec"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/092904b80edbc4dce315684a59cc3184c45c1b70"
            }
          ],
          "source": {
            "advisory": "87611fc9-ed7c-43e9-8e52-d83cd270bbec",
            "discovery": "EXTERNAL"
          },
          "title": "Out-of-bounds Read in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntr_ai",
        "cveId": "CVE-2024-0322",
        "datePublished": "2024-01-08T12:38:35.128Z",
        "dateReserved": "2024-01-08T12:38:05.505Z",
        "dateUpdated": "2025-06-03T14:37:57.761Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-0321 (GCVE-0-2024-0321)

    Vulnerability from nvd – Published: 2024-01-08 12:10 – Updated: 2025-05-16 15:37
    VLAI
    Title
    Stack-based Buffer Overflow in gpac/gpac
    Summary
    Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T18:04:49.224Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.com/bounties/4c027b94-8e9c-4c31-a169-893b25047769"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/d0ced41651b279bb054eb6390751e2d4eb84819a"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-0321",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-16T15:37:01.802041Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-16T15:37:07.837Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-08T12:10:46.709Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntr_ai"
          },
          "references": [
            {
              "url": "https://huntr.com/bounties/4c027b94-8e9c-4c31-a169-893b25047769"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/d0ced41651b279bb054eb6390751e2d4eb84819a"
            }
          ],
          "source": {
            "advisory": "4c027b94-8e9c-4c31-a169-893b25047769",
            "discovery": "EXTERNAL"
          },
          "title": "Stack-based Buffer Overflow in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntr_ai",
        "cveId": "CVE-2024-0321",
        "datePublished": "2024-01-08T12:10:46.709Z",
        "dateReserved": "2024-01-08T12:06:20.296Z",
        "dateUpdated": "2025-05-16T15:37:07.837Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-5998 (GCVE-0-2023-5998)

    Vulnerability from nvd – Published: 2023-11-07 18:45 – Updated: 2024-09-04 15:21
    VLAI
    Title
    Out-of-bounds Read in gpac/gpac
    Summary
    Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3.0-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3.0-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:14:25.195Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.com/bounties/ea02a231-b688-422b-a881-ef415bcf6113"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/db74835944548fc3bdf03121b0e012373bdebb3e"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-5998",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-04T15:20:50.133584Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-04T15:21:07.265Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3.0-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3.0-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125 Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-07T18:45:03.305Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntr_ai"
          },
          "references": [
            {
              "url": "https://huntr.com/bounties/ea02a231-b688-422b-a881-ef415bcf6113"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/db74835944548fc3bdf03121b0e012373bdebb3e"
            }
          ],
          "source": {
            "advisory": "ea02a231-b688-422b-a881-ef415bcf6113",
            "discovery": "EXTERNAL"
          },
          "title": "Out-of-bounds Read in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntr_ai",
        "cveId": "CVE-2023-5998",
        "datePublished": "2023-11-07T18:45:03.305Z",
        "dateReserved": "2023-11-07T18:44:47.880Z",
        "dateUpdated": "2024-09-04T15:21:07.265Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-5595 (GCVE-0-2023-5595)

    Vulnerability from nvd – Published: 2023-10-16 08:25 – Updated: 2024-09-16 16:48
    VLAI
    Title
    Denial of Service in gpac/gpac
    Summary
    Denial of Service in GitHub repository gpac/gpac prior to 2.3.0-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3.0-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:07:32.266Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/0064cf76-ece1-495d-82b4-e4a1bebeb28e"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/7a6f636db3360bb16d18078d51e8c596f31302a1"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-5595",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-16T16:47:35.286681Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-16T16:48:15.354Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3.0-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Denial of Service in GitHub repository gpac/gpac prior to 2.3.0-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-16T08:25:00.327Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntrdev"
          },
          "references": [
            {
              "url": "https://huntr.dev/bounties/0064cf76-ece1-495d-82b4-e4a1bebeb28e"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/7a6f636db3360bb16d18078d51e8c596f31302a1"
            }
          ],
          "source": {
            "advisory": "0064cf76-ece1-495d-82b4-e4a1bebeb28e",
            "discovery": "EXTERNAL"
          },
          "title": "Denial of Service in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntrdev",
        "cveId": "CVE-2023-5595",
        "datePublished": "2023-10-16T08:25:00.327Z",
        "dateReserved": "2023-10-16T08:24:48.287Z",
        "dateUpdated": "2024-09-16T16:48:15.354Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-5586 (GCVE-0-2023-5586)

    Vulnerability from nvd – Published: 2023-10-15 00:28 – Updated: 2024-09-16 20:00
    VLAI
    Title
    NULL Pointer Dereference in gpac/gpac
    Summary
    NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3.0-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3.0-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:07:31.866Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/d2a6ea71-3555-47a6-9b18-35455d103740"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/ca1b48f0abe71bf81a58995d7d75dc27f5a17ddc"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-5586",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-16T20:00:36.385989Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-16T20:00:46.418Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3.0-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3.0-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 4.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476 NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-15T00:28:09.002Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntrdev"
          },
          "references": [
            {
              "url": "https://huntr.dev/bounties/d2a6ea71-3555-47a6-9b18-35455d103740"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/ca1b48f0abe71bf81a58995d7d75dc27f5a17ddc"
            }
          ],
          "source": {
            "advisory": "d2a6ea71-3555-47a6-9b18-35455d103740",
            "discovery": "EXTERNAL"
          },
          "title": "NULL Pointer Dereference in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntrdev",
        "cveId": "CVE-2023-5586",
        "datePublished": "2023-10-15T00:28:09.002Z",
        "dateReserved": "2023-10-15T00:27:58.982Z",
        "dateUpdated": "2024-09-16T20:00:46.418Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-5520 (GCVE-0-2023-5520)

    Vulnerability from nvd – Published: 2023-10-11 11:56 – Updated: 2024-09-18 15:46
    VLAI
    Title
    Out-of-bounds Read in gpac/gpac
    Summary
    Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.2.2 (custom)
    Create a notification for this product.
    gpac gpac Affected: 0 , < 2.2.2 (custom)
        cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:59:44.854Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/681e42d0-18d4-4ebc-aba0-c5b0f77ac74a"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/5692dc729491805e0e5f55c21d50ba1e6b19e88e"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "gpac",
                "vendor": "gpac",
                "versions": [
                  {
                    "lessThan": "2.2.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-5520",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-18T15:11:19.786412Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-18T15:46:12.905Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.2.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125 Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-11T11:56:06.789Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntrdev"
          },
          "references": [
            {
              "url": "https://huntr.dev/bounties/681e42d0-18d4-4ebc-aba0-c5b0f77ac74a"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/5692dc729491805e0e5f55c21d50ba1e6b19e88e"
            }
          ],
          "source": {
            "advisory": "681e42d0-18d4-4ebc-aba0-c5b0f77ac74a",
            "discovery": "EXTERNAL"
          },
          "title": "Out-of-bounds Read in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntrdev",
        "cveId": "CVE-2023-5520",
        "datePublished": "2023-10-11T11:56:06.789Z",
        "dateReserved": "2023-10-11T11:55:58.015Z",
        "dateUpdated": "2024-09-18T15:46:12.905Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-5377 (GCVE-0-2023-5377)

    Vulnerability from nvd – Published: 2023-10-04 09:53 – Updated: 2024-09-17 13:49
    VLAI
    Title
    Out-of-bounds Read in gpac/gpac
    Summary
    Out-of-bounds Read in GitHub repository gpac/gpac prior to v2.2.2-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < v2.2.2-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:59:44.346Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/fe778df4-3867-41d6-954b-211c81bccbbf"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/8e9d6b38c036a97020c462ad48e1132e0ddc57ce"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-5377",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T13:47:37.672989Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-17T13:49:53.615Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "v2.2.2-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to v2.2.2-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125 Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-04T09:53:52.991Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntrdev"
          },
          "references": [
            {
              "url": "https://huntr.dev/bounties/fe778df4-3867-41d6-954b-211c81bccbbf"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/8e9d6b38c036a97020c462ad48e1132e0ddc57ce"
            }
          ],
          "source": {
            "advisory": "fe778df4-3867-41d6-954b-211c81bccbbf",
            "discovery": "EXTERNAL"
          },
          "title": "Out-of-bounds Read in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntrdev",
        "cveId": "CVE-2023-5377",
        "datePublished": "2023-10-04T09:53:52.991Z",
        "dateReserved": "2023-10-04T09:53:41.329Z",
        "dateUpdated": "2024-09-17T13:49:53.615Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-4778 (GCVE-0-2023-4778)

    Vulnerability from nvd – Published: 2023-09-05 15:43 – Updated: 2024-09-27 13:31
    VLAI
    Title
    Out-of-bounds Read in gpac/gpac
    Summary
    Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:38:00.714Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/abb450fb-4ab2-49b0-90da-3d878eea5397"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/d553698050af478049e1a09e44a15ac884f223ed"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4778",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-27T13:31:49.902230Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-27T13:31:58.844Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125 Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-09-05T15:43:08.880Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntrdev"
          },
          "references": [
            {
              "url": "https://huntr.dev/bounties/abb450fb-4ab2-49b0-90da-3d878eea5397"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/d553698050af478049e1a09e44a15ac884f223ed"
            }
          ],
          "source": {
            "advisory": "abb450fb-4ab2-49b0-90da-3d878eea5397",
            "discovery": "EXTERNAL"
          },
          "title": "Out-of-bounds Read in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntrdev",
        "cveId": "CVE-2023-4778",
        "datePublished": "2023-09-05T15:43:08.880Z",
        "dateReserved": "2023-09-05T15:42:58.843Z",
        "dateUpdated": "2024-09-27T13:31:58.844Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-4758 (GCVE-0-2023-4758)

    Vulnerability from nvd – Published: 2023-09-04 15:47 – Updated: 2024-09-19 15:33
    VLAI
    Title
    Buffer Over-read in gpac/gpac
    Summary
    Buffer Over-read in GitHub repository gpac/gpac prior to 2.3-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:37:59.640Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/2f496261-1090-45ac-bc89-cc93c82090d6"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/193633b1648582444fc99776cd741d7ba0125e86"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4758",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-19T15:31:53.953040Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-19T15:33:10.151Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer Over-read in GitHub repository gpac/gpac prior to 2.3-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-126",
                  "description": "CWE-126 Buffer Over-read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-09-04T15:47:36.284Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntrdev"
          },
          "references": [
            {
              "url": "https://huntr.dev/bounties/2f496261-1090-45ac-bc89-cc93c82090d6"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/193633b1648582444fc99776cd741d7ba0125e86"
            }
          ],
          "source": {
            "advisory": "2f496261-1090-45ac-bc89-cc93c82090d6",
            "discovery": "EXTERNAL"
          },
          "title": "Buffer Over-read in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntrdev",
        "cveId": "CVE-2023-4758",
        "datePublished": "2023-09-04T15:47:36.284Z",
        "dateReserved": "2023-09-04T15:47:26.521Z",
        "dateUpdated": "2024-09-19T15:33:10.151Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-4755 (GCVE-0-2023-4755)

    Vulnerability from nvd – Published: 2023-09-04 13:46 – Updated: 2024-09-19 15:35
    VLAI
    Title
    Use After Free in gpac/gpac
    Summary
    Use After Free in GitHub repository gpac/gpac prior to 2.3-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:37:59.616Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/463474b7-a4e8-42b6-8b30-e648a77ee6b3"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/895ac12da168435eb8db3f96978ffa4c69d66c3a"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4755",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-19T15:31:56.089879Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-19T15:35:40.223Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Use After Free in GitHub repository gpac/gpac prior to 2.3-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416 Use After Free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-09-04T13:46:46.060Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntrdev"
          },
          "references": [
            {
              "url": "https://huntr.dev/bounties/463474b7-a4e8-42b6-8b30-e648a77ee6b3"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/895ac12da168435eb8db3f96978ffa4c69d66c3a"
            }
          ],
          "source": {
            "advisory": "463474b7-a4e8-42b6-8b30-e648a77ee6b3",
            "discovery": "EXTERNAL"
          },
          "title": "Use After Free in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntrdev",
        "cveId": "CVE-2023-4755",
        "datePublished": "2023-09-04T13:46:46.060Z",
        "dateReserved": "2023-09-04T08:24:36.513Z",
        "dateUpdated": "2024-09-19T15:35:40.223Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-4756 (GCVE-0-2023-4756)

    Vulnerability from nvd – Published: 2023-09-04 08:24 – Updated: 2024-09-19 15:35
    VLAI
    Title
    Stack-based Buffer Overflow in gpac/gpac
    Summary
    Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:37:59.760Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/2342da0e-f097-4ce7-bfdc-3ec0ba446e05"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/6914d016e2b540bac2c471c4aea156ddef8e8e01"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4756",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-19T15:31:54.983665Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-19T15:35:24.697Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-09-04T08:24:56.615Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntrdev"
          },
          "references": [
            {
              "url": "https://huntr.dev/bounties/2342da0e-f097-4ce7-bfdc-3ec0ba446e05"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/6914d016e2b540bac2c471c4aea156ddef8e8e01"
            }
          ],
          "source": {
            "advisory": "2342da0e-f097-4ce7-bfdc-3ec0ba446e05",
            "discovery": "EXTERNAL"
          },
          "title": "Stack-based Buffer Overflow in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntrdev",
        "cveId": "CVE-2023-4756",
        "datePublished": "2023-09-04T08:24:56.615Z",
        "dateReserved": "2023-09-04T08:24:51.810Z",
        "dateUpdated": "2024-09-19T15:35:24.697Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-4754 (GCVE-0-2023-4754)

    Vulnerability from nvd – Published: 2023-09-04 08:24 – Updated: 2024-09-19 15:35
    VLAI
    Title
    Out-of-bounds Write in gpac/gpac
    Summary
    Out-of-bounds Write in GitHub repository gpac/gpac prior to 2.3-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:38:00.500Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/b7ed24ad-7d0b-40b7-8f4d-3c18a906620c"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/7e2e92feb1b30fac1d659f6620d743b5a188ffe0"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4754",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-19T15:31:57.113483Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-19T15:35:51.496Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Out-of-bounds Write in GitHub repository gpac/gpac prior to 2.3-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787 Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-09-04T08:24:38.003Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntrdev"
          },
          "references": [
            {
              "url": "https://huntr.dev/bounties/b7ed24ad-7d0b-40b7-8f4d-3c18a906620c"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/7e2e92feb1b30fac1d659f6620d743b5a188ffe0"
            }
          ],
          "source": {
            "advisory": "b7ed24ad-7d0b-40b7-8f4d-3c18a906620c",
            "discovery": "EXTERNAL"
          },
          "title": "Out-of-bounds Write in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntrdev",
        "cveId": "CVE-2023-4754",
        "datePublished": "2023-09-04T08:24:38.003Z",
        "dateReserved": "2023-09-04T08:24:26.796Z",
        "dateUpdated": "2024-09-19T15:35:51.496Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-4722 (GCVE-0-2023-4722)

    Vulnerability from nvd – Published: 2023-09-01 15:27 – Updated: 2024-09-19 15:35
    VLAI
    Title
    Integer Overflow or Wraparound in gpac/gpac
    Summary
    Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.3-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:38:00.195Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/ddfdb41d-e708-4fec-afe5-68ff1f88f830"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/de7f3a852bef72a52825fd307cf4e8f486401a76"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4722",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-19T15:31:58.108346Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-19T15:35:59.542Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.3-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190 Integer Overflow or Wraparound",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-09-01T15:27:41.694Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntrdev"
          },
          "references": [
            {
              "url": "https://huntr.dev/bounties/ddfdb41d-e708-4fec-afe5-68ff1f88f830"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/de7f3a852bef72a52825fd307cf4e8f486401a76"
            }
          ],
          "source": {
            "advisory": "ddfdb41d-e708-4fec-afe5-68ff1f88f830",
            "discovery": "EXTERNAL"
          },
          "title": "Integer Overflow or Wraparound in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntrdev",
        "cveId": "CVE-2023-4722",
        "datePublished": "2023-09-01T15:27:41.694Z",
        "dateReserved": "2023-09-01T15:27:34.847Z",
        "dateUpdated": "2024-09-19T15:35:59.542Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-4721 (GCVE-0-2023-4721)

    Vulnerability from nvd – Published: 2023-09-01 15:27 – Updated: 2024-09-19 15:36
    VLAI
    Title
    Out-of-bounds Read in gpac/gpac
    Summary
    Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:37:59.651Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/f457dc62-3cff-47bd-8fd2-1cb2b4a832fc"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/3ec93d73d048ed7b46fe6e9f307cc7a0cc13db63"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4721",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-19T15:31:59.525183Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-19T15:36:08.879Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125 Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-09-01T15:27:41.287Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntrdev"
          },
          "references": [
            {
              "url": "https://huntr.dev/bounties/f457dc62-3cff-47bd-8fd2-1cb2b4a832fc"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/3ec93d73d048ed7b46fe6e9f307cc7a0cc13db63"
            }
          ],
          "source": {
            "advisory": "f457dc62-3cff-47bd-8fd2-1cb2b4a832fc",
            "discovery": "EXTERNAL"
          },
          "title": "Out-of-bounds Read in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntrdev",
        "cveId": "CVE-2023-4721",
        "datePublished": "2023-09-01T15:27:41.287Z",
        "dateReserved": "2023-09-01T15:27:32.101Z",
        "dateUpdated": "2024-09-19T15:36:08.879Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-4720 (GCVE-0-2023-4720)

    Vulnerability from nvd – Published: 2023-09-01 15:27 – Updated: 2024-09-19 15:36
    VLAI
    Title
    Floating Point Comparison with Incorrect Operator in gpac/gpac
    Summary
    Floating Point Comparison with Incorrect Operator in GitHub repository gpac/gpac prior to 2.3-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1077 - Floating Point Comparison with Incorrect Operator
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:37:59.642Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/1dc2954c-8497-49fa-b2af-113e1e9381ad"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/e396648e48c57e2d53988d3fd4465b068b96c89a"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4720",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-19T15:32:00.651083Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-19T15:36:24.017Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Floating Point Comparison with Incorrect Operator in GitHub repository gpac/gpac prior to 2.3-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1077",
                  "description": "CWE-1077 Floating Point Comparison with Incorrect Operator",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-09-01T15:27:40.853Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntrdev"
          },
          "references": [
            {
              "url": "https://huntr.dev/bounties/1dc2954c-8497-49fa-b2af-113e1e9381ad"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/e396648e48c57e2d53988d3fd4465b068b96c89a"
            }
          ],
          "source": {
            "advisory": "1dc2954c-8497-49fa-b2af-113e1e9381ad",
            "discovery": "EXTERNAL"
          },
          "title": "Floating Point Comparison with Incorrect Operator in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntrdev",
        "cveId": "CVE-2023-4720",
        "datePublished": "2023-09-01T15:27:40.853Z",
        "dateReserved": "2023-09-01T15:27:30.519Z",
        "dateUpdated": "2024-09-19T15:36:24.017Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-4679 (GCVE-0-2023-4679)

    Vulnerability from cvelistv5 – Published: 2024-11-15 10:53 – Updated: 2024-11-15 19:12
    VLAI
    Title
    Use After Free in gpac/gpac
    Summary
    A use after free vulnerability exists in GPAC version 2.3-DEV-revrelease, specifically in the gf_filterpacket_del function in filter_core/filter.c at line 38. This vulnerability can lead to a double-free condition, which may cause the application to crash.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3-DEV (custom)
    Create a notification for this product.
    gpac gpac Affected: 0 , < 2.3-DEV (custom)
        cpe:2.3:a:gpac:gpac:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:gpac:gpac:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "gpac",
                "vendor": "gpac",
                "versions": [
                  {
                    "lessThan": "2.3-DEV",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "LOW",
                  "baseScore": 5.9,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4679",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-15T19:10:48.438721Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-15T19:12:15.195Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A use after free vulnerability exists in GPAC version 2.3-DEV-revrelease, specifically in the gf_filterpacket_del function in filter_core/filter.c at line 38. This vulnerability can lead to a double-free condition, which may cause the application to crash."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416 Use After Free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-15T10:53:32.070Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntr_ai"
          },
          "references": [
            {
              "url": "https://huntr.com/bounties/6f721ee7-8785-4c26-801e-f40fed3faaac"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/b68b3f0bf5c366e003221d78fd663a1d5514a876"
            }
          ],
          "source": {
            "advisory": "6f721ee7-8785-4c26-801e-f40fed3faaac",
            "discovery": "EXTERNAL"
          },
          "title": "Use After Free in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntr_ai",
        "cveId": "CVE-2023-4679",
        "datePublished": "2024-11-15T10:53:32.070Z",
        "dateReserved": "2023-08-31T15:49:10.614Z",
        "dateUpdated": "2024-11-15T19:12:15.195Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-0322 (GCVE-0-2024-0322)

    Vulnerability from cvelistv5 – Published: 2024-01-08 12:38 – Updated: 2025-06-03 14:37
    VLAI
    Title
    Out-of-bounds Read in gpac/gpac
    Summary
    Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T18:04:48.965Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.com/bounties/87611fc9-ed7c-43e9-8e52-d83cd270bbec"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/092904b80edbc4dce315684a59cc3184c45c1b70"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-0322",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T20:12:03.505158Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-03T14:37:57.761Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 4.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125 Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-08T12:38:35.128Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntr_ai"
          },
          "references": [
            {
              "url": "https://huntr.com/bounties/87611fc9-ed7c-43e9-8e52-d83cd270bbec"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/092904b80edbc4dce315684a59cc3184c45c1b70"
            }
          ],
          "source": {
            "advisory": "87611fc9-ed7c-43e9-8e52-d83cd270bbec",
            "discovery": "EXTERNAL"
          },
          "title": "Out-of-bounds Read in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntr_ai",
        "cveId": "CVE-2024-0322",
        "datePublished": "2024-01-08T12:38:35.128Z",
        "dateReserved": "2024-01-08T12:38:05.505Z",
        "dateUpdated": "2025-06-03T14:37:57.761Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-0321 (GCVE-0-2024-0321)

    Vulnerability from cvelistv5 – Published: 2024-01-08 12:10 – Updated: 2025-05-16 15:37
    VLAI
    Title
    Stack-based Buffer Overflow in gpac/gpac
    Summary
    Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T18:04:49.224Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.com/bounties/4c027b94-8e9c-4c31-a169-893b25047769"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/d0ced41651b279bb054eb6390751e2d4eb84819a"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-0321",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-16T15:37:01.802041Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-16T15:37:07.837Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-08T12:10:46.709Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntr_ai"
          },
          "references": [
            {
              "url": "https://huntr.com/bounties/4c027b94-8e9c-4c31-a169-893b25047769"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/d0ced41651b279bb054eb6390751e2d4eb84819a"
            }
          ],
          "source": {
            "advisory": "4c027b94-8e9c-4c31-a169-893b25047769",
            "discovery": "EXTERNAL"
          },
          "title": "Stack-based Buffer Overflow in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntr_ai",
        "cveId": "CVE-2024-0321",
        "datePublished": "2024-01-08T12:10:46.709Z",
        "dateReserved": "2024-01-08T12:06:20.296Z",
        "dateUpdated": "2025-05-16T15:37:07.837Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-5998 (GCVE-0-2023-5998)

    Vulnerability from cvelistv5 – Published: 2023-11-07 18:45 – Updated: 2024-09-04 15:21
    VLAI
    Title
    Out-of-bounds Read in gpac/gpac
    Summary
    Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3.0-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3.0-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:14:25.195Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.com/bounties/ea02a231-b688-422b-a881-ef415bcf6113"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/db74835944548fc3bdf03121b0e012373bdebb3e"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-5998",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-04T15:20:50.133584Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-04T15:21:07.265Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3.0-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3.0-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125 Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-07T18:45:03.305Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntr_ai"
          },
          "references": [
            {
              "url": "https://huntr.com/bounties/ea02a231-b688-422b-a881-ef415bcf6113"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/db74835944548fc3bdf03121b0e012373bdebb3e"
            }
          ],
          "source": {
            "advisory": "ea02a231-b688-422b-a881-ef415bcf6113",
            "discovery": "EXTERNAL"
          },
          "title": "Out-of-bounds Read in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntr_ai",
        "cveId": "CVE-2023-5998",
        "datePublished": "2023-11-07T18:45:03.305Z",
        "dateReserved": "2023-11-07T18:44:47.880Z",
        "dateUpdated": "2024-09-04T15:21:07.265Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-5595 (GCVE-0-2023-5595)

    Vulnerability from cvelistv5 – Published: 2023-10-16 08:25 – Updated: 2024-09-16 16:48
    VLAI
    Title
    Denial of Service in gpac/gpac
    Summary
    Denial of Service in GitHub repository gpac/gpac prior to 2.3.0-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3.0-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:07:32.266Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/0064cf76-ece1-495d-82b4-e4a1bebeb28e"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/7a6f636db3360bb16d18078d51e8c596f31302a1"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-5595",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-16T16:47:35.286681Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-16T16:48:15.354Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3.0-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Denial of Service in GitHub repository gpac/gpac prior to 2.3.0-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-16T08:25:00.327Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntrdev"
          },
          "references": [
            {
              "url": "https://huntr.dev/bounties/0064cf76-ece1-495d-82b4-e4a1bebeb28e"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/7a6f636db3360bb16d18078d51e8c596f31302a1"
            }
          ],
          "source": {
            "advisory": "0064cf76-ece1-495d-82b4-e4a1bebeb28e",
            "discovery": "EXTERNAL"
          },
          "title": "Denial of Service in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntrdev",
        "cveId": "CVE-2023-5595",
        "datePublished": "2023-10-16T08:25:00.327Z",
        "dateReserved": "2023-10-16T08:24:48.287Z",
        "dateUpdated": "2024-09-16T16:48:15.354Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-5586 (GCVE-0-2023-5586)

    Vulnerability from cvelistv5 – Published: 2023-10-15 00:28 – Updated: 2024-09-16 20:00
    VLAI
    Title
    NULL Pointer Dereference in gpac/gpac
    Summary
    NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3.0-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3.0-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:07:31.866Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/d2a6ea71-3555-47a6-9b18-35455d103740"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/ca1b48f0abe71bf81a58995d7d75dc27f5a17ddc"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-5586",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-16T20:00:36.385989Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-16T20:00:46.418Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3.0-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3.0-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 4.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476 NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-15T00:28:09.002Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntrdev"
          },
          "references": [
            {
              "url": "https://huntr.dev/bounties/d2a6ea71-3555-47a6-9b18-35455d103740"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/ca1b48f0abe71bf81a58995d7d75dc27f5a17ddc"
            }
          ],
          "source": {
            "advisory": "d2a6ea71-3555-47a6-9b18-35455d103740",
            "discovery": "EXTERNAL"
          },
          "title": "NULL Pointer Dereference in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntrdev",
        "cveId": "CVE-2023-5586",
        "datePublished": "2023-10-15T00:28:09.002Z",
        "dateReserved": "2023-10-15T00:27:58.982Z",
        "dateUpdated": "2024-09-16T20:00:46.418Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-5520 (GCVE-0-2023-5520)

    Vulnerability from cvelistv5 – Published: 2023-10-11 11:56 – Updated: 2024-09-18 15:46
    VLAI
    Title
    Out-of-bounds Read in gpac/gpac
    Summary
    Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.2.2 (custom)
    Create a notification for this product.
    gpac gpac Affected: 0 , < 2.2.2 (custom)
        cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:59:44.854Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/681e42d0-18d4-4ebc-aba0-c5b0f77ac74a"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/5692dc729491805e0e5f55c21d50ba1e6b19e88e"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "gpac",
                "vendor": "gpac",
                "versions": [
                  {
                    "lessThan": "2.2.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-5520",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-18T15:11:19.786412Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-18T15:46:12.905Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.2.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125 Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-11T11:56:06.789Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntrdev"
          },
          "references": [
            {
              "url": "https://huntr.dev/bounties/681e42d0-18d4-4ebc-aba0-c5b0f77ac74a"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/5692dc729491805e0e5f55c21d50ba1e6b19e88e"
            }
          ],
          "source": {
            "advisory": "681e42d0-18d4-4ebc-aba0-c5b0f77ac74a",
            "discovery": "EXTERNAL"
          },
          "title": "Out-of-bounds Read in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntrdev",
        "cveId": "CVE-2023-5520",
        "datePublished": "2023-10-11T11:56:06.789Z",
        "dateReserved": "2023-10-11T11:55:58.015Z",
        "dateUpdated": "2024-09-18T15:46:12.905Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-5377 (GCVE-0-2023-5377)

    Vulnerability from cvelistv5 – Published: 2023-10-04 09:53 – Updated: 2024-09-17 13:49
    VLAI
    Title
    Out-of-bounds Read in gpac/gpac
    Summary
    Out-of-bounds Read in GitHub repository gpac/gpac prior to v2.2.2-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < v2.2.2-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:59:44.346Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/fe778df4-3867-41d6-954b-211c81bccbbf"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/8e9d6b38c036a97020c462ad48e1132e0ddc57ce"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-5377",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T13:47:37.672989Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-17T13:49:53.615Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "v2.2.2-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to v2.2.2-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125 Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-04T09:53:52.991Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntrdev"
          },
          "references": [
            {
              "url": "https://huntr.dev/bounties/fe778df4-3867-41d6-954b-211c81bccbbf"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/8e9d6b38c036a97020c462ad48e1132e0ddc57ce"
            }
          ],
          "source": {
            "advisory": "fe778df4-3867-41d6-954b-211c81bccbbf",
            "discovery": "EXTERNAL"
          },
          "title": "Out-of-bounds Read in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntrdev",
        "cveId": "CVE-2023-5377",
        "datePublished": "2023-10-04T09:53:52.991Z",
        "dateReserved": "2023-10-04T09:53:41.329Z",
        "dateUpdated": "2024-09-17T13:49:53.615Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-4778 (GCVE-0-2023-4778)

    Vulnerability from cvelistv5 – Published: 2023-09-05 15:43 – Updated: 2024-09-27 13:31
    VLAI
    Title
    Out-of-bounds Read in gpac/gpac
    Summary
    Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:38:00.714Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/abb450fb-4ab2-49b0-90da-3d878eea5397"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/d553698050af478049e1a09e44a15ac884f223ed"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4778",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-27T13:31:49.902230Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-27T13:31:58.844Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125 Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-09-05T15:43:08.880Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntrdev"
          },
          "references": [
            {
              "url": "https://huntr.dev/bounties/abb450fb-4ab2-49b0-90da-3d878eea5397"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/d553698050af478049e1a09e44a15ac884f223ed"
            }
          ],
          "source": {
            "advisory": "abb450fb-4ab2-49b0-90da-3d878eea5397",
            "discovery": "EXTERNAL"
          },
          "title": "Out-of-bounds Read in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntrdev",
        "cveId": "CVE-2023-4778",
        "datePublished": "2023-09-05T15:43:08.880Z",
        "dateReserved": "2023-09-05T15:42:58.843Z",
        "dateUpdated": "2024-09-27T13:31:58.844Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-4758 (GCVE-0-2023-4758)

    Vulnerability from cvelistv5 – Published: 2023-09-04 15:47 – Updated: 2024-09-19 15:33
    VLAI
    Title
    Buffer Over-read in gpac/gpac
    Summary
    Buffer Over-read in GitHub repository gpac/gpac prior to 2.3-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:37:59.640Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/2f496261-1090-45ac-bc89-cc93c82090d6"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/193633b1648582444fc99776cd741d7ba0125e86"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4758",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-19T15:31:53.953040Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-19T15:33:10.151Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer Over-read in GitHub repository gpac/gpac prior to 2.3-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-126",
                  "description": "CWE-126 Buffer Over-read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-09-04T15:47:36.284Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntrdev"
          },
          "references": [
            {
              "url": "https://huntr.dev/bounties/2f496261-1090-45ac-bc89-cc93c82090d6"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/193633b1648582444fc99776cd741d7ba0125e86"
            }
          ],
          "source": {
            "advisory": "2f496261-1090-45ac-bc89-cc93c82090d6",
            "discovery": "EXTERNAL"
          },
          "title": "Buffer Over-read in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntrdev",
        "cveId": "CVE-2023-4758",
        "datePublished": "2023-09-04T15:47:36.284Z",
        "dateReserved": "2023-09-04T15:47:26.521Z",
        "dateUpdated": "2024-09-19T15:33:10.151Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-4755 (GCVE-0-2023-4755)

    Vulnerability from cvelistv5 – Published: 2023-09-04 13:46 – Updated: 2024-09-19 15:35
    VLAI
    Title
    Use After Free in gpac/gpac
    Summary
    Use After Free in GitHub repository gpac/gpac prior to 2.3-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:37:59.616Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/463474b7-a4e8-42b6-8b30-e648a77ee6b3"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/895ac12da168435eb8db3f96978ffa4c69d66c3a"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4755",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-19T15:31:56.089879Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-19T15:35:40.223Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Use After Free in GitHub repository gpac/gpac prior to 2.3-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416 Use After Free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-09-04T13:46:46.060Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntrdev"
          },
          "references": [
            {
              "url": "https://huntr.dev/bounties/463474b7-a4e8-42b6-8b30-e648a77ee6b3"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/895ac12da168435eb8db3f96978ffa4c69d66c3a"
            }
          ],
          "source": {
            "advisory": "463474b7-a4e8-42b6-8b30-e648a77ee6b3",
            "discovery": "EXTERNAL"
          },
          "title": "Use After Free in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntrdev",
        "cveId": "CVE-2023-4755",
        "datePublished": "2023-09-04T13:46:46.060Z",
        "dateReserved": "2023-09-04T08:24:36.513Z",
        "dateUpdated": "2024-09-19T15:35:40.223Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-4756 (GCVE-0-2023-4756)

    Vulnerability from cvelistv5 – Published: 2023-09-04 08:24 – Updated: 2024-09-19 15:35
    VLAI
    Title
    Stack-based Buffer Overflow in gpac/gpac
    Summary
    Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:37:59.760Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/2342da0e-f097-4ce7-bfdc-3ec0ba446e05"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/6914d016e2b540bac2c471c4aea156ddef8e8e01"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4756",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-19T15:31:54.983665Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-19T15:35:24.697Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-09-04T08:24:56.615Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntrdev"
          },
          "references": [
            {
              "url": "https://huntr.dev/bounties/2342da0e-f097-4ce7-bfdc-3ec0ba446e05"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/6914d016e2b540bac2c471c4aea156ddef8e8e01"
            }
          ],
          "source": {
            "advisory": "2342da0e-f097-4ce7-bfdc-3ec0ba446e05",
            "discovery": "EXTERNAL"
          },
          "title": "Stack-based Buffer Overflow in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntrdev",
        "cveId": "CVE-2023-4756",
        "datePublished": "2023-09-04T08:24:56.615Z",
        "dateReserved": "2023-09-04T08:24:51.810Z",
        "dateUpdated": "2024-09-19T15:35:24.697Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-4754 (GCVE-0-2023-4754)

    Vulnerability from cvelistv5 – Published: 2023-09-04 08:24 – Updated: 2024-09-19 15:35
    VLAI
    Title
    Out-of-bounds Write in gpac/gpac
    Summary
    Out-of-bounds Write in GitHub repository gpac/gpac prior to 2.3-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:38:00.500Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/b7ed24ad-7d0b-40b7-8f4d-3c18a906620c"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/7e2e92feb1b30fac1d659f6620d743b5a188ffe0"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4754",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-19T15:31:57.113483Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-19T15:35:51.496Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Out-of-bounds Write in GitHub repository gpac/gpac prior to 2.3-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787 Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-09-04T08:24:38.003Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntrdev"
          },
          "references": [
            {
              "url": "https://huntr.dev/bounties/b7ed24ad-7d0b-40b7-8f4d-3c18a906620c"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/7e2e92feb1b30fac1d659f6620d743b5a188ffe0"
            }
          ],
          "source": {
            "advisory": "b7ed24ad-7d0b-40b7-8f4d-3c18a906620c",
            "discovery": "EXTERNAL"
          },
          "title": "Out-of-bounds Write in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntrdev",
        "cveId": "CVE-2023-4754",
        "datePublished": "2023-09-04T08:24:38.003Z",
        "dateReserved": "2023-09-04T08:24:26.796Z",
        "dateUpdated": "2024-09-19T15:35:51.496Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-4722 (GCVE-0-2023-4722)

    Vulnerability from cvelistv5 – Published: 2023-09-01 15:27 – Updated: 2024-09-19 15:35
    VLAI
    Title
    Integer Overflow or Wraparound in gpac/gpac
    Summary
    Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.3-DEV.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    Impacted products
    Vendor Product Version
    gpac gpac/gpac Affected: unspecified , < 2.3-DEV (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:38:00.195Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/ddfdb41d-e708-4fec-afe5-68ff1f88f830"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gpac/gpac/commit/de7f3a852bef72a52825fd307cf4e8f486401a76"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4722",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-19T15:31:58.108346Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-19T15:35:59.542Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "gpac/gpac",
              "vendor": "gpac",
              "versions": [
                {
                  "lessThan": "2.3-DEV",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.3-DEV."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190 Integer Overflow or Wraparound",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-09-01T15:27:41.694Z",
            "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
            "shortName": "@huntrdev"
          },
          "references": [
            {
              "url": "https://huntr.dev/bounties/ddfdb41d-e708-4fec-afe5-68ff1f88f830"
            },
            {
              "url": "https://github.com/gpac/gpac/commit/de7f3a852bef72a52825fd307cf4e8f486401a76"
            }
          ],
          "source": {
            "advisory": "ddfdb41d-e708-4fec-afe5-68ff1f88f830",
            "discovery": "EXTERNAL"
          },
          "title": "Integer Overflow or Wraparound in gpac/gpac"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "assignerShortName": "@huntrdev",
        "cveId": "CVE-2023-4722",
        "datePublished": "2023-09-01T15:27:41.694Z",
        "dateReserved": "2023-09-01T15:27:34.847Z",
        "dateUpdated": "2024-09-19T15:35:59.542Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }