{"vulnerability": "CVE-2021-4056", "sightings": [{"uuid": "fc7ea231-7f22-4da1-b393-3e8a2c3bd030", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40567", "type": "seen", "source": "https://t.me/cibsecurity/35424", "content": "\u203c CVE-2021-40567 \u203c\n\nSegmentation fault vulnerability exists in Gpac through 1.0.1 via the gf_odf_size_descriptor function in desc_private.c when using mp4box, which causes a denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-13T20:18:21.000000Z"}, {"uuid": "2708f62b-c062-4db6-b012-cc465c398064", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40563", "type": "seen", "source": "https://t.me/cibsecurity/35385", "content": "\u203c CVE-2021-40563 \u203c\n\nA Segmentation fault exists casued by null pointer dereference exists in Gpac through 1.0.1 via the naludmx_create_avc_decoder_config function in reframe_nalu.c when using mp4box, which causes a denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-13T00:17:32.000000Z"}, {"uuid": "bdc043a8-6ec1-4505-bacf-22bb70758112", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40568", "type": "seen", "source": "https://t.me/cibsecurity/35426", "content": "\u203c CVE-2021-40568 \u203c\n\nA buffer overflow vulnerability exists in Gpac through 1.0.1 via a malformed MP4 file in the svc_parse_slice function in av_parsers.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-13T20:18:24.000000Z"}, {"uuid": "6ac6eb91-e934-4a53-9273-5afdc78dab5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40569", "type": "seen", "source": "https://t.me/cibsecurity/35432", "content": "\u203c CVE-2021-40569 \u203c\n\nThe binary MP4Box in Gpac through 1.0.1 has a double-free vulnerability in the iloc_entry_del funciton in box_code_meta.c, which allows attackers to cause a denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-13T20:18:31.000000Z"}, {"uuid": "23b0c417-7a96-4f12-a04a-c4ab70de9c1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40562", "type": "seen", "source": "https://t.me/cibsecurity/35386", "content": "\u203c CVE-2021-40562 \u203c\n\nA Segmentation fault caused by a floating point exception exists in Gpac through 1.0.1 using mp4box via the naludmx_enqueue_or_dispatch function in reframe_nalu.c, which causes a denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-13T00:17:33.000000Z"}, {"uuid": "e5acf6aa-140d-42b6-bb88-8190d97b4d03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40564", "type": "seen", "source": "https://t.me/cibsecurity/35384", "content": "\u203c CVE-2021-40564 \u203c\n\nA Segmentation fault caused by null pointer dereference vulnerability eists in Gpac through 1.0.2 via the avc_parse_slice function in av_parsers.c when using mp4box, which causes a denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-13T00:17:31.000000Z"}, {"uuid": "510abc43-d2d3-49d1-91c3-94ed8aa4d0c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40566", "type": "seen", "source": "https://t.me/cibsecurity/35380", "content": "\u203c CVE-2021-40566 \u203c\n\nA Segmentation fault casued by heap use after free vulnerability exists in Gpac through 1.0.1 via the mpgviddmx_process function in reframe_mpgvid.c when using mp4box, which causes a denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-13T00:17:25.000000Z"}, {"uuid": "c24fbaf1-c27e-48ea-bbbb-eb3c56ef80c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40565", "type": "seen", "source": "https://t.me/cibsecurity/35379", "content": "\u203c CVE-2021-40565 \u203c\n\nA Segmentation fault caused by a null pointer dereference vulnerability exists in Gpac through 1.0.1 via the gf_avc_parse_nalu function in av_parsers.c when using mp4box, which causes a denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-13T00:17:24.000000Z"}]}