Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d4a1003a by Salvatore Bonaccorso at 2022-03-14T22:09:53+01:00
Add new gpac issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6887,15 +6887,28 @@ CVE-2022-24580
CVE-2022-24579
RESERVED
CVE-2022-24578 (GPAC 1.0.1 is affected by a heap-based buffer overflow in
SFS_AddStrin ...)
- TODO: check
+ - gpac 2.0.0+dfsg1-2
+ NOTE: https://huntr.dev/bounties/1691cca3-ab54-4259-856b-751be2395b11/
+ NOTE:
https://github.com/gpac/gpac/commit/b5741da08e88e8dcc8da0a7669b92405b9862850
(v2.0.0)
CVE-2022-24577 (GPAC 1.0.1 is affected by a NULL pointer dereference in
gf_utf8_wcslen ...)
- TODO: check
+ - gpac 2.0.0+dfsg1-2
+ NOTE: https://huntr.dev/bounties/0758b3a2-8ff2-45fc-8543-7633d605d24e/
+ NOTE:
https://github.com/gpac/gpac/commit/586e817dcd531bb3e75438390f1f753cfe6e940a
(v2.0.0)
CVE-2022-24576 (GPAC 1.0.1 is affected by Use After Free through MP4Box. ...)
- TODO: check
+ - gpac 2.0.0+dfsg1-2
+ NOTE: https://github.com/gpac/gpac/issues/2061
+ NOTE: https://huntr.dev/bounties/011ac07c-6139-4f43-b745-424143e60ac7/
+ NOTE:
https://github.com/gpac/gpac/commit/96699aabae042f8f55cf8a85fa5758e3db752bae
(v2.0.0)
CVE-2022-24575 (GPAC 1.0.1 is affected by a stack-based buffer overflow
through MP4Box ...)
- TODO: check
+ - gpac 2.0.0+dfsg1-2
+ NOTE: https://github.com/gpac/gpac/issues/2058
+ NOTE: https://huntr.dev/bounties/1d9bf402-f756-4583-9a1d-436722609c1e/
+ NOTE:
https://github.com/gpac/gpac/commit/b13e9986aa1134c764b0d84f0f66328429b9c2eb
(v2.0.0)
CVE-2022-24574 (GPAC 1.0.1 is affected by a NULL pointer dereference in
gf_dump_vrml_f ...)
- TODO: check
+ - gpac 2.0.0+dfsg1-2
+ NOTE: https://huntr.dev/bounties/a08437cc-25aa-4116-8069-816f78a2247c/
+ NOTE: https://github.com/gpac/gpac/issues/2055
+ NOTE:
https://github.com/gpac/gpac/commit/9f8510835b97a729baf3646a3171bf51b4a8592e
(v2.0.0)
CVE-2022-24573 (A stored cross-site scripting (XSS) vulnerability in the admin
interfa ...)
NOT-FOR-US: Element-IT
CVE-2022-24572 (Car Driving School Management System v1.0 is affected by Cross
Site Sc ...)
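Review bot: all five gpac entries record the fix as 2.0.0+dfsg1-2, while every commit NOTE tags the fix as (v2.0.0). If any earlier 2.0.0-based revision was uploaded, that revision would be the first fixed version, so it is worth confirming that -2 is the first upload carrying these commits. The CVE descriptions name GPAC 1.0.1 as affected, but the entries carry no note on whether older packaged versions contain the vulnerable code. A short NOTE per entry on when the issue was introduced would help triage for releases that do not ship 2.0.0. On style, CVE-2022-24574 lists the huntr.dev NOTE before the upstream issue NOTE, whereas CVE-2022-24576 and CVE-2022-24575 put the issue first; pick one order. CVE-2022-24578 and CVE-2022-24577 have no upstream issue NOTE at all, which is fine if none exists.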
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d4a1003a9fe0db6de560948b85c1c3c2a099c274
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits