CVE-2025-70298

High CVSS: 8.2

GPAC v2.4.0 was discovered to contain an out-of-bounds read in the oggdmx_parse_tags function.

Vendor

Product

CWE

Yayın Tarihi

2026-01-15 17:16:05

Güncelleme

2026-01-23 17:37:19

Source Identifier

cve@mitre.org

KEV Date Added

CWE-125 Gpac HIGH Gpac 2026

https://github.com/zakkanijia/POC/blob/main/dmx_ogg/GPAC_oggdmx_parse_tags_offbyone.md

High

CVE-2026-27821

GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs dur…

Medium

CVE-2026-1417

A weakness has been identified in GPAC up to 2.4.0. Affected by this issue is the function dump_isom_rtp of the file app…

Medium

CVE-2026-1418

A security vulnerability has been detected in GPAC up to 2.4.0. This affects the function gf_text_import_srt_bifs of the…

Medium

CVE-2026-1416

A security flaw has been discovered in GPAC up to 2.4.0. Affected by this vulnerability is the function DumpMovieInfo of…

Medium

CVE-2026-1415

A vulnerability was identified in GPAC up to 2.4.0. Affected is the function gf_media_export_webvtt_metadata of the file…

Medium

CVE-2025-70302

A heap overflow in the ghi_dmx_declare_opid_bin() function of GPAC v2.4.0 allows attackers to cause a Denial of Service…