CVE-2025-70298Out-of-bounds Read in Gpac

CWE-125Out-of-bounds Read5 documents5 sources
Severity
8.2HIGHNVD
EPSS
0.0%
top 93.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
GpacDebian Gpac
Timeline
PublishedJan 15

Description

GPAC v2.4.0 was discovered to contain an out-of-bounds read in the oggdmx_parse_tags function.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:HExploitability: 3.9 | Impact: 4.2

Affected Packages2 packages

NVDgpac/gpac2.4.0
debiandebian/gpac

🔴Vulnerability Details

2
OSV
CVE-2025-70298: GPAC v22026-01-15
GHSA
GHSA-w268-23r7-r9xw: GPAC v22026-01-15

📋Vendor Advisories

1
Debian
CVE-2025-70298: gpac - GPAC v2.4.0 was discovered to contain an out-of-bounds read in the oggdmx_parse_...2025

🕵️Threat Intelligence

1
Wiz
CVE-2025-70298 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2025-70298 — Out-of-bounds Read in Gpac | cvebase