Gpac Mp4box
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Gpac Mp4box.
By the Year
In 2026 there have been 0 vulnerabilities in Gpac Mp4box. Mp4box did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 1 | 5.50 |
| 2023 | 15 | 7.60 |
| 2022 | 2 | 7.65 |
| 2021 | 3 | 7.50 |
It may take a day or so for new Mp4box vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Gpac Mp4box Security Vulnerabilities
GPAC MP4Box Null Ptr Deref in m2tsdmx_on_event (v 2.5-DEV)
CVE-2024-6063
5.5 - Medium
- June 17, 2024
A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master. It has been classified as problematic. This affects the function m2tsdmx_on_event of the file src/filters/dmx_m2ts.c of the component MP4Box. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named 8767ed0a77c4b02287db3723e92c2169f67c85d5. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-268791.
NULL Pointer Dereference
GPAC MP4Box Buffer Overflow in eac3_update_channels
CVE-2022-47653
7.8 - High
- January 05, 2023
GPAC MP4box 2.1-DEV-rev593-g007bf61a0 is vulnerable to Buffer Overflow in eac3_update_channels function of media_tools/av_parsers.c:9113
Classic Buffer Overflow
Buffer Overflow in GPAC MP4box 2.1 GF_HEVC_READ (av_parsers.c)
CVE-2022-47654
7.8 - High
- January 05, 2023
GPAC MP4box 2.1-DEV-rev593-g007bf61a0 is vulnerable to Buffer Overflow in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8261
Classic Buffer Overflow
Buffer Overflow in GPAC MP4box 2.1DEV h263dmx_process filter
CVE-2022-47663
7.8 - High
- January 05, 2023
GPAC MP4box 2.1-DEV-rev649-ga8f438d20 is vulnerable to buffer overflow in h263dmx_process filters/reframe_h263.c:609
Classic Buffer Overflow
GPAC MP4Box 2.1-DEV: stack overflow via infinite Media_GetSample recursion
CVE-2022-47662
5.5 - Medium
- January 05, 2023
GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 has a segment fault (/stack overflow) due to infinite recursion in Media_GetSample isomedia/media.c:662
Stack Exhaustion
GPAC MP4Box 2.1-DEV Buffer Overflow in av_parsers.c
CVE-2022-47661
7.8 - High
- January 05, 2023
GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 is vulnerable to Buffer Overflow via media_tools/av_parsers.c:4988 in gf_media_nalu_add_emulation_bytes
Memory Corruption
GPAC MP4Box 2.1 integer overflow in isom_write.c
CVE-2022-47660
7.8 - High
- January 05, 2023
GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is has an integer overflow in isomedia/isom_write.c
Integer Overflow or Wraparound
GPAC MP4box 2.1-DEV Buffer Overflow in gf_bs_read_data
CVE-2022-47659
7.8 - High
- January 05, 2023
GPAC MP4box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to Buffer Overflow in gf_bs_read_data
Memory Corruption
GPAC MP4Box 2.1-DEV Buffer Overflow in gf_hevc_read_vps_bs_internal
CVE-2022-47658
7.8 - High
- January 05, 2023
GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to buffer overflow in function gf_hevc_read_vps_bs_internal of media_tools/av_parsers.c:8039
Classic Buffer Overflow
GPAC MP4Box pre-2.1 buffer overflow in hevc_parse_vps_extension
CVE-2022-47657
7.8 - High
- January 05, 2023
GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to buffer overflow in function hevc_parse_vps_extension of media_tools/av_parsers.c:7662
Classic Buffer Overflow
GPAC MP4box Buffer Overflow in gf_hevc_read_sps_bs_internal (dev 2.1)
CVE-2022-47656
7.8 - High
- January 05, 2023
GPAC MP4box 2.1-DEV-rev617-g85ce76efd is vulnerable to Buffer Overflow in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8273
Classic Buffer Overflow
Null Ptr Deref in GPAC MP4box 2.1 via m2tsdmx_declare_pid
CVE-2022-47094
7.8 - High
- January 05, 2023
GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Null pointer dereference via filters/dmx_m2ts.c:343 in m2tsdmx_declare_pid
NULL Pointer Dereference
GPAC MP4box 2.1-DEV Buffer Overflow in hevc_parse_vps_extension
CVE-2022-47095
7.8 - High
- January 05, 2023
GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer overflow in hevc_parse_vps_extension function of media_tools/av_parsers.c
Classic Buffer Overflow
GPAC MP4Box <=2.1-DEV heap UAF via m2tsdmx_declare_pid
CVE-2022-47093
7.8 - High
- January 05, 2023
GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to heap use-after-free via filters/dmx_m2ts.c:470 in m2tsdmx_declare_pid
Dangling pointer
Integer overflow in GPAC MP4Box 2.1-DEV: gf_hevc_read_sps_bs_internal
CVE-2022-47092
7.1 - High
- January 05, 2023
GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is contains an Integer overflow vulnerability in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8316
Integer Overflow or Wraparound
GPAC MP4Box 2.1-DEV Buffer Overflow in gf_vvc_read_sps_bs_internal
CVE-2022-47089
7.8 - High
- January 05, 2023
GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow via gf_vvc_read_sps_bs_internal function of media_tools/av_parsers.c
Classic Buffer Overflow
GPAC mp4box 2.1-DEV UAF in gf_isom_dovi_config_get
CVE-2022-36190
9.8 - Critical
- August 17, 2022
GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerability in function gf_isom_dovi_config_get. This vulnerability was fixed in commit fef6242.
Dangling pointer
In GPAC MP4Box v1.1.0, there is a stack buffer overflow at src/utils/error.c:1769
CVE-2021-41458
5.5 - Medium
- June 16, 2022
In GPAC MP4Box v1.1.0, there is a stack buffer overflow at src/utils/error.c:1769 which leads to a denial of service vulnerability.
Memory Corruption
There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1004 in the nhmldmx_send_sample() function szXmlTo parameter
CVE-2021-41456
7.5 - High
- October 01, 2021
There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1004 in the nhmldmx_send_sample() function szXmlTo parameter which leads to a denial of service vulnerability.
Memory Corruption
There is a stack buffer overflow in MP4Box 1.1.0 at src/filters/dmx_nhml.c in nhmldmx_init_parsing
CVE-2021-41457
7.5 - High
- October 01, 2021
There is a stack buffer overflow in MP4Box 1.1.0 at src/filters/dmx_nhml.c in nhmldmx_init_parsing which leads to a denial of service vulnerability.
Memory Corruption
There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1008 in the nhmldmx_send_sample() function szXml
CVE-2021-41459
7.5 - High
- October 01, 2021
There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1008 in the nhmldmx_send_sample() function szXmlFrom parameter which leads to a denial of service vulnerability.
Memory Corruption
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Gpac Mp4box or by Gpac? Click the Watch button to subscribe.
