An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There are memory leaks in metx_New in isomedia/box_code_base.c and abst_Read in isomedia/box_code_adobe.c. Date published : 2019-12-30 https://github.com/gpac/gpac/issues/1337 https://lists.debian.org/debian-lts-announce/2020/01/msg00017.html
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is an invalid pointer dereference in the function GF_IPMPX_AUTH_Delete() in odf/ipmpx_code.c. Date published : 2019-12-30 https://github.com/gpac/gpac/issues/1328 https://lists.debian.org/debian-lts-announce/2020/01/msg00017.html
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a use-after-free in the function trak_Read() in isomedia/box_code_base.c. Date published : 2019-12-30 https://github.com/gpac/gpac/issues/1329
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a use-after-free in the function gf_isom_box_dump_ex() in isomedia/box_funcs.c. Date published : 2019-12-30 https://github.com/gpac/gpac/issues/1333
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointer dereference in the function senc_Parse() in isomedia/box_code_drm.c. Date published : 2019-12-30 https://github.com/gpac/gpac/issues/1330
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointer dereference in the function gf_isom_dump() in isomedia/box_dump.c. Date published : 2019-12-30 https://github.com/gpac/gpac/issues/1331
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointer dereference in the function ilst_item_Read() in isomedia/box_code_apple.c. Date published : 2019-12-30 https://github.com/gpac/gpac/issues/1338 https://lists.debian.org/debian-lts-announce/2020/01/msg00017.html
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointer dereference in the function gf_isom_box_del() in isomedia/box_funcs.c. Date published : 2019-12-30 https://github.com/gpac/gpac/issues/1332
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointer dereference in the function gf_odf_avc_cfg_write_bs() in odf/descriptors.c. Date published : 2019-12-30 https://github.com/gpac/gpac/issues/1335 https://lists.debian.org/debian-lts-announce/2020/01/msg00017.html
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is heap-based buffer overflow in the function gf_isom_box_parse_ex() in isomedia/box_funcs.c. Date published : 2019-12-30 https://github.com/gpac/gpac/issues/1327 https://lists.debian.org/debian-lts-announce/2020/01/msg00017.html
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is heap-based buffer overflow in the function ReadGF_IPMPX_WatermarkingInit() in odf/ipmpx_code.c. Date published : 2019-12-30 https://github.com/gpac/gpac/issues/1320 https://lists.debian.org/debian-lts-announce/2020/01/msg00017.html
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a stack-based buffer overflow in the function av1_parse_tile_group() in media_tools/av_parsers.c. Date published : 2019-12-30 https://github.com/gpac/gpac/issues/1334
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a memory leak in dinf_New() in isomedia/box_code_base.c. Date published : 2019-12-30 https://github.com/gpac/gpac/issues/1321
ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attributes via a conflicting name, as demonstrated by ‘constructor’: {‘name’:’Symbol’}. Hence, a crafted payload can overwrite this builtin attribute to...