These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
A segmentation violation in the gf_media_get_color_info function within /media_tools/isom_tools.c of GPAC Project/MP4Box before version 26.02.0 allows attackers to cause a Denial of Service (DoS) by supplying a crafted data file. The vulnerability was addressed in a commit to the GPAC repository.
A segmentation violation in the gf_isom_apple_set_tag_ex function within GPAC Project/MP4Box allows remote attackers to cause a Denial of Service (DoS) by supplying a crafted MP4 file. The vulnerability exists in /isomedia/isom_write.c and affects versions before 26.02.0. The issue was addressed in a commit to the GPAC repository.
A NULL pointer dereference vulnerability exists in the GPAC Project/MP4Box multimedia framework, specifically within the gf_ac4_pres_b_4_back_channels_present function in /media_tools/av_parsers.c. The flaw affects versions prior to 26.02.0 and can be triggered when processing a crafted AC4 audio file, resulting in a Denial of Service (DoS) condition. The vulnerability was addressed with a code commit tha [truncated]
A NULL pointer dereference vulnerability exists in the gf_odf_ac4_cfg_dsi_v1 function within /odf/descriptors.c in GPAC Project/MP4Box versions prior to 26.02.0. The flaw can be triggered when processing a crafted AC4 audio file, resulting in a Denial of Service (DoS) condition. The vulnerability was addressed in a commit to the GPAC repository.