Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

GPAC — Vulnerabilities & Security Advisories 40

All 40 CVE vulnerabilities found in GPAC, with AI-generated Chinese analysis, references, and POCs.

This page provides a comprehensive vulnerability aggregation report for GPAC, focusing on general software weaknesses and security flaws. It collects and organizes data regarding various types of vulnerabilities found in this specific product line, including buffer overflows, input validation errors, and memory corruption issues, covering data from 2010 to 2023. This resource is designed to help security professionals and developers track vendor advisories, understand the historical context of specific weakness classes, and look up a product's vulnerability history to assess risk exposure. By centralizing this information, the page aims to facilitate better security decision-making and patch management strategies. Users can explore detailed descriptions of each flaw, along with references to official vendor patches and third-party security bulletins. The aggregation process ensures that related issues are grouped logically, making it easier to identify patterns in GPAC's development lifecycle and security posture. This approach supports proactive threat mitigation by providing a clear overview of known defects and their resolutions over time, without emphasizing any commercial advantages or promotional content.

Vendor: n/a

CVE IDTitleCVSSSeverityPublished
CVE-2026-9572 GPAC MP4Box media.c Media_GetSample memory leak CWE-401 3.3 Low2026-05-26
CVE-2026-9567 GPAC MP4Box isom_intern.c MergeFragment null pointer dereference CWE-476 3.3 Low2026-05-26
CVE-2026-8124 GPAC box_code_base.c sidx_box_read allocation of resources CWE-770 3.3 Low2026-05-08
CVE-2026-7135 GPAC MP4Box box_code_base.c elng_box_read out-of-bounds CWE-125 5.3 Medium2026-04-27
CVE-2026-33144 GPAC MP4Box Heap Buffer Overflow Write in gf_xml_parse_bit_sequence_bs (NHML BS Parsing) CWE-787 5.8 Medium2026-03-20
CVE-2026-4185 GPAC MP4Box swf_parse.c swf_def_bits_jpeg stack-based overflow CWE-121 6.3 Medium2026-03-15
CVE-2026-4016 GPAC SVG Parser load_svg.c svgin_process out-of-bounds write CWE-787 5.3 Medium2026-03-12
CVE-2026-4015 GPAC TeXML File load_text.c txtin_process_texml stack-based overflow CWE-121 5.3 Medium2026-03-12
CVE-2026-27821 GPAC NHML Demuxer (dmx_nhml.c) Vulnerable to Stack Buffer Overflow CWE-121 8.1AIHighAI2026-02-26
CVE-2026-1418 GPAC SRT Subtitle Import text_to_bifs.c gf_text_import_srt_bifs out-of-bounds write CWE-787 5.3 Medium2026-01-26
CVE-2026-1417 GPAC filedump.c dump_isom_rtp null pointer dereference CWE-476 3.3 Low2026-01-26
CVE-2026-1416 GPAC filedump.c DumpMovieInfo null pointer dereference CWE-476 3.3 Low2026-01-26
CVE-2026-1415 GPAC media_export.c gf_media_export_webvtt_metadata null pointer dereference CWE-476 3.3 Low2026-01-26
CVE-2025-7797 GPAC dash_client.c gf_dash_download_init_segment null pointer dereference CWE-476 5.3 Medium2025-07-18
CVE-2024-6064 GPAC MP4Box loader_xmt.c xmt_node_end use after free CWE-416 5.3 Medium2024-06-17
CVE-2024-6063 GPAC MP4Box dmx_m2ts.c m2tsdmx_on_event null pointer dereference CWE-476 3.3 Low2024-06-17
CVE-2024-6062 GPAC MP4Box load_text.c swf_svg_add_iso_sample null pointer dereference CWE-476 3.3 Low2024-06-17
CVE-2024-6061 GPAC MP4Box isoffin_read.c isoffin_process infinite loop CWE-835 3.3 Low2024-06-17
CVE-2023-1452 GPAC load_text.c buffer overflow CWE-120 5.3 Medium2023-03-17
CVE-2023-1449 GPAC av_parsers.c gf_av1_reset_state double free CWE-415 5.3 Medium2023-03-17
CVE-2023-1448 GPAC mpegts.c gf_m2ts_process_sdt heap-based overflow CWE-122 5.3 Medium2023-03-17
CVE-2023-0841 GPAC reframe_mp3.c mp3_dmx_process heap-based overflow CWE-122 6.3 Medium2023-02-15
CVE-2022-4202 GPAC lsr_dec.c lsr_translate_coords integer overflow CWE-189 6.3 Medium2022-11-29
CVE-2022-3957 GPAC SVG Parser svg_attributes.c svg_parse_preserveaspectratio memory leak CWE-404 4.3 Medium2022-11-11
CVE-2022-1441 GPAC 缓冲区错误漏洞 CWE-119 7.8 -2022-04-25
CVE-2021-21862 GPAC Project Advanced Content 缓冲区错误漏洞 CWE-680 8.8 -2021-08-18
CVE-2021-21858 GPAC Project Advanced Content 缓冲区错误漏洞 CWE-680 8.8 -2021-08-18
CVE-2021-21857 GPAC Project Advanced Content 缓冲区错误漏洞 CWE-680 8.8 -2021-08-18
CVE-2021-21856 GPAC Project Advanced Content 缓冲区错误漏洞 CWE-680 8.8 -2021-08-18
CVE-2021-21855 GPAC Project Advanced Content 缓冲区错误漏洞 CWE-680 8.8 -2021-08-18

All 40 known CVE vulnerabilities affecting GPAC with full Chinese analysis, references, and POCs where available.