Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

gpac — Vulnerabilities & Security Advisories 49

Browse all 49 CVE security advisories affecting gpac. AI-powered Chinese analysis, POCs, and references for each vulnerability.

gpac serves as an open-source multimedia framework primarily utilized for encoding, decoding, and streaming audio and video content across various platforms. Its widespread adoption in media processing pipelines has exposed it to significant security risks, resulting in forty-nine recorded Common Vulnerabilities and Exposures. Historically, the software has been susceptible to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation and memory management errors within its parsing modules. These vulnerabilities allow attackers to execute arbitrary commands or crash systems, compromising data integrity and availability. While no single catastrophic incident dominates its history, the cumulative effect of these bugs highlights the challenges of maintaining complex multimedia libraries. Continuous updates and rigorous code auditing remain essential to mitigate these persistent threats and ensure secure deployment in enterprise environments.

Top products by gpac: gpac/gpac gpac
CVE IDTitleCVSSSeverityPublished
CVE-2026-33144 GPAC MP4Box Heap Buffer Overflow Write in gf_xml_parse_bit_sequence_bs (NHML BS Parsing) — gpacCWE-787 5.8 Medium2026-03-20
CVE-2026-27821 GPAC NHML Demuxer (dmx_nhml.c) Vulnerable to Stack Buffer Overflow — gpacCWE-121 8.1AIHighAI2026-02-26
CVE-2023-4679 Use After Free in gpac/gpac — gpac/gpacCWE-416 5.5AIMediumAI2024-11-15
CVE-2024-0322 Out-of-bounds Read in gpac/gpac — gpac/gpacCWE-125 7.1AIHighAI2024-01-08
CVE-2024-0321 Stack-based Buffer Overflow in gpac/gpac — gpac/gpacCWE-121 7.8AIHighAI2024-01-08
CVE-2023-5998 Out-of-bounds Read in gpac/gpac — gpac/gpacCWE-125 7.1 -2023-11-07
CVE-2023-5595 Denial of Service in gpac/gpac — gpac/gpacCWE-400 5.5 -2023-10-16
CVE-2023-5586 NULL Pointer Dereference in gpac/gpac — gpac/gpacCWE-476 5.5 -2023-10-15
CVE-2023-5520 Out-of-bounds Read in gpac/gpac — gpac/gpacCWE-125 7.1 -2023-10-11
CVE-2023-5377 Out-of-bounds Read in gpac/gpac — gpac/gpacCWE-125 7.1 -2023-10-04
CVE-2023-4778 Out-of-bounds Read in gpac/gpac — gpac/gpacCWE-125 7.1 -2023-09-05
CVE-2023-4758 Buffer Over-read in gpac/gpac — gpac/gpacCWE-126 7.8 -2023-09-04
CVE-2023-4755 Use After Free in gpac/gpac — gpac/gpacCWE-416 7.8 -2023-09-04
CVE-2023-4756 Stack-based Buffer Overflow in gpac/gpac — gpac/gpacCWE-121 7.8 -2023-09-04
CVE-2023-4754 Out-of-bounds Write in gpac/gpac — gpac/gpacCWE-787 7.8 -2023-09-04
CVE-2023-4722 Integer Overflow or Wraparound in gpac/gpac — gpac/gpacCWE-190 7.8 -2023-09-01
CVE-2023-4720 Floating Point Comparison with Incorrect Operator in gpac/gpac — gpac/gpacCWE-1077 6.2 -2023-09-01
CVE-2023-4721 Out-of-bounds Read in gpac/gpac — gpac/gpacCWE-125 7.1 -2023-09-01
CVE-2023-4683 NULL Pointer Dereference in gpac/gpac — gpac/gpacCWE-476 5.5 -2023-08-31
CVE-2023-4682 Heap-based Buffer Overflow in gpac/gpac — gpac/gpacCWE-122 7.8 -2023-08-31
CVE-2023-4681 NULL Pointer Dereference in gpac/gpac — gpac/gpacCWE-476 5.5 -2023-08-31
CVE-2023-4678 Divide By Zero in gpac/gpac — gpac/gpacCWE-369 7.1 -2023-08-31
CVE-2023-3523 Out-of-bounds Read in gpac/gpac — gpac/gpacCWE-125 7.1 -2023-07-06
CVE-2023-3291 Heap-based Buffer Overflow in gpac/gpac — gpac/gpacCWE-122 7.8 -2023-06-16
CVE-2023-3012 NULL Pointer Dereference in gpac/gpac — gpac/gpacCWE-476 5.5 -2023-05-31
CVE-2023-3013 Unchecked Return Value in gpac/gpac — gpac/gpacCWE-252 6.1 -2023-05-31
CVE-2023-2837 Stack-based Buffer Overflow in gpac/gpac — gpac/gpacCWE-121 7.8 -2023-05-22
CVE-2023-2838 Out-of-bounds Read in gpac/gpac — gpac/gpacCWE-125 7.1 -2023-05-22
CVE-2023-2839 Divide By Zero in gpac/gpac — gpac/gpacCWE-369 7.1 -2023-05-22
CVE-2023-2840 NULL Pointer Dereference in gpac/gpac — gpac/gpacCWE-476 5.5 -2023-05-22

This page lists every published CVE security advisory associated with gpac. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.