CVE-2021-32132

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2021-32132
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-32132.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-32132
Downstream
Published
2021-09-13T15:15:24.477Z
Modified
2025-11-20T11:45:57.450968Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

The abstboxsize function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.

References

Affected packages

Git / github.com/gpac/gpac

Affected ranges

Type
GIT
Repo
https://github.com/gpac/gpac
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
e74be5976a6fee059c638050a237893f7e9a3b23

Affected versions

v0.*

v0.5.2
v0.6.0
v0.6.1
v0.7.0
v0.7.1
v0.8.0
v0.9.0
v0.9.0-preview

v1.*

v1.0.0
v1.0.1

Database specific

vanir_signatures

[
    {
        "signature_version": "v1",
        "source": "https://github.com/gpac/gpac/commit/e74be5976a6fee059c638050a237893f7e9a3b23",
        "deprecated": false,
        "target": {
            "file": "include/gpac/internal/isomedia_dev.h"
        },
        "id": "CVE-2021-32132-2f1efba1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "46048279519439078678456626273678413949",
                "271597428717806910305267766834704898357",
                "167305883216303243830298318740746200183"
            ]
        },
        "signature_type": "Line"
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/gpac/gpac/commit/e74be5976a6fee059c638050a237893f7e9a3b23",
        "deprecated": false,
        "target": {
            "file": "src/isomedia/box_code_adobe.c",
            "function": "abst_box_read"
        },
        "id": "CVE-2021-32132-9775640c",
        "digest": {
            "function_hash": "334972589299936550043446972688417573970",
            "length": 3367.0
        },
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/gpac/gpac/commit/e74be5976a6fee059c638050a237893f7e9a3b23",
        "deprecated": false,
        "target": {
            "file": "src/isomedia/box_code_adobe.c"
        },
        "id": "CVE-2021-32132-fcab3bb4",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "249814680263223828033346899119621231968",
                "183357760228255496801982609355276467912",
                "272238633496801725813817651064790432935",
                "23560808382633033679621316228027336367",
                "20853178613144118908614140766138631927",
                "124594058918060327974937530681117522080",
                "305515094175571391748610138480897457640",
                "313805841488834758602352311213212395780",
                "126690113019484799855372441827805051674",
                "169798836131841513368590974131331427110",
                "143241317441984786141450764054944736561",
                "78316627316152260791519363374036443431",
                "34418500249512055630891379104135532705",
                "36786891755501197798202194449032471970",
                "10442227928799928793662577758986495253",
                "101268007993253786088032247803223251365",
                "146128374334610018233541624921101709326",
                "41425469321606044555768197169059757293",
                "246114071930489730524623143563301665233",
                "197511327512861264794229576793554669421",
                "223926247552777762448688454858818599490",
                "67237580303590551111106756338047361850",
                "201571817422873628975451470563366099396",
                "54385966461326159083018366643353277290",
                "183015603562962031241860364102160093914",
                "262370138855333047175915090213933338577",
                "294603347801707480685936992663812487895",
                "98883171666175344125270723429390773187",
                "253332836913530922121583963003923748502",
                "227518074715244503531138131242787173446",
                "306715927131689432889279449179352820960",
                "177309288357695081451325800686609116526",
                "248947527165301952125419656767958749343",
                "145159841787894039502457097424864257663",
                "245088464805944704681309903631935530442",
                "67140113591242824875706647896307977213",
                "197511327512861264794229576793554669421",
                "223926247552777762448688454858818599490",
                "67237580303590551111106756338047361850",
                "201571817422873628975451470563366099396",
                "54385966461326159083018366643353277290",
                "183015603562962031241860364102160093914",
                "262370138855333047175915090213933338577",
                "294603347801707480685936992663812487895",
                "121964548195685360076044842318716513417",
                "77661605342813194294661821223551424831",
                "290697894115695852598797301854430227498",
                "170977702934778525219439250665008547688",
                "209025649325939162191136562801757898137",
                "331091294905842495187716673198522674396",
                "237155938889251955093945790589149219739",
                "130009125155848729048693553147014358533",
                "335752653004495776832954323617346760773",
                "305515094175571391748610138480897457640",
                "313805841488834758602352311213212395780",
                "126690113019484799855372441827805051674",
                "169798836131841513368590974131331427110",
                "143241317441984786141450764054944736561",
                "52503371948993087526211061181938112885",
                "161191986237228868109540996719280416892",
                "130009125155848729048693553147014358533",
                "335752653004495776832954323617346760773",
                "305515094175571391748610138480897457640",
                "313805841488834758602352311213212395780",
                "126690113019484799855372441827805051674",
                "169798836131841513368590974131331427110",
                "143241317441984786141450764054944736561",
                "236216724684834293240685054417033247879",
                "187666000490820085178318279395080642153",
                "193157018610181193707375326354858172758",
                "176615150447466916941153522567528657569",
                "162362820664487075872516198896268928230",
                "185149226970659902304658120574763433645",
                "231249537442910023845073590289883753340",
                "314189016508890822920499485706729576374",
                "79338149257117983513152975890310439974",
                "231722503028601212019257988753339261246",
                "24428102873407863954781683207992055174",
                "214592691593110661359981667682400931908",
                "200624644217602802610997186987065255510",
                "245435730363380618091820122174892519340",
                "303080765570792751980947296920506874487",
                "117363595438934596271877159514734773481",
                "210803344379557802576313815949331666238",
                "66220506694085705760955725624389274276",
                "135771792128247061862056513969794811586",
                "250424962208726057550520212455904475966",
                "28095990870287453926247580491012273107",
                "257033670578970670984733969446916054354",
                "195130985289712432691973224389366023261",
                "222258724863287627288207977031327823159",
                "128897536982920782468160565684510744090",
                "188893431820491268338410583900835173438",
                "166549734042570581422499943167402904891",
                "291334241584994861972592145859287305800",
                "102102053042929545949984308554912546634",
                "321618787282333457857747174443338390058",
                "143158815688114744571824615756753196984"
            ]
        },
        "signature_type": "Line"
    }
]