gopro/gpmf-parser

GitHub

github.com

Releases15

Frequency3 months 6 days

Last Release about 5 years ago

Stars646

Parser for GPMF™ formatted telemetry data used within GoPro® cameras.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-16161 ↗	Oct 19, 2020Monday, 19 October 2020, 18:15	7.5 HIGH	5 MEDIUM
GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_ScaledData(). Parsing malicious input can result in a crash.
CVE-2020-16160 ↗	Oct 19, 2020Monday, 19 October 2020, 18:15	7.5 HIGH	5 MEDIUM
GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_Decompress(). Parsing malicious input can result in a crash.
CVE-2020-16159 ↗	Oct 19, 2020Monday, 19 October 2020, 18:15	9.1 CRITICAL	6.4 MEDIUM
GoPro gpmf-parser 1.5 has a heap out-of-bounds read and segfault in GPMF_ScaledData(). Parsing malicious input can result in a crash or information disclosure.
CVE-2020-16158 ↗	Oct 19, 2020Monday, 19 October 2020, 18:15	8.8 HIGH	6.8 MEDIUM
GoPro gpmf-parser through 1.5 has a stack out-of-bounds write vulnerability in GPMF_ExpandComplexTYPE(). Parsing malicious input can result in a crash or potentially arbitrary code execution.
CVE-2019-20086 ↗	Dec 30, 2019Monday, 30 December 2019, 04:15	8.8 HIGH	6.8 MEDIUM
GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GPMF_Next in GPMF_parser.c.
CVE-2019-20089 ↗	Dec 30, 2019Monday, 30 December 2019, 04:15	7.8 HIGH	6.8 MEDIUM
GoPro GPMF-parser 1.2.3 has an heap-based buffer over-read in GPMF_SeekToSamples in GPMF_parse.c for the size calculation.
CVE-2019-20088 ↗	Dec 30, 2019Monday, 30 December 2019, 04:15	7.8 HIGH	6.8 MEDIUM
GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GetPayload in GPMF_mp4reader.c.
CVE-2019-20087 ↗	Dec 30, 2019Monday, 30 December 2019, 04:15	8.8 HIGH	6.8 MEDIUM
GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GPMF_seekToSamples in GPMF-parse.c for the "matching tags" feature.
CVE-2019-15147 ↗	Aug 18, 2019Sunday, 18 August 2019, 19:15	—	4.3 MEDIUM
GoPro GPMF-parser 1.2.2 has an out-of-bounds read and SEGV in GPMF_Next in GPMF_parser.c.
CVE-2019-15148 ↗	Aug 18, 2019Sunday, 18 August 2019, 19:15	—	4.3 MEDIUM
GoPro GPMF-parser 1.2.2 has an out-of-bounds write in OpenMP4Source in demo/GPMF_mp4reader.c.
CVE-2019-15146 ↗	Aug 18, 2019Sunday, 18 August 2019, 19:15	—	4.3 MEDIUM
GoPro GPMF-parser 1.2.2 has a heap-based buffer over-read (4 bytes) in GPMF_Next in GPMF_parser.c.
CVE-2018-18699 ↗	Oct 29, 2018Monday, 29 October 2018, 12:29	—	6.8 MEDIUM
An issue was discovered in GoPro gpmf-parser 1.2.1. There is an out-of-bounds write in OpenMP4Source in GPMF_mp4reader.c.
CVE-2018-18190 ↗	Oct 9, 2018Tuesday, 9 October 2018, 20:29	—	4.3 MEDIUM
An issue was discovered in GoPro gpmf-parser before 1.2.1. There is a divide-by-zero error in GPMF_ScaledData in GPMF_parser.c.
CVE-2018-13026 ↗	Jun 30, 2018Saturday, 30 June 2018, 12:29	—	7.5 HIGH
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Type.
CVE-2018-13011 ↗	Jun 29, 2018Friday, 29 June 2018, 15:29	—	7.5 HIGH
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Validate.
CVE-2018-13007 ↗	Jun 29, 2018Friday, 29 June 2018, 14:29	—	7.5 HIGH
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for GPMF_KEY_END and nest_level (not conditional on a buffer_size_longs check).
CVE-2018-13009 ↗	Jun 29, 2018Friday, 29 June 2018, 14:29	—	7.5 HIGH
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for GPMF_KEY_END and nest_level (conditional on a buffer_size_longs check).
CVE-2018-13008 ↗	Jun 29, 2018Friday, 29 June 2018, 14:29	—	7.5 HIGH
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for a positive nest_level.