Debian Gpac vulnerabilities
379 known vulnerabilities affecting debian/gpac.
Total CVEs: 379
CISA KEV: 0
Public exploits: 0
Exploited in wild: 1
Severity breakdown: CRITICAL 13, HIGH 119, MEDIUM 203, LOW 44
Vulnerabilities
Page 1 of 19
CVE-2026-27821 [HIGH] CVSS 7.7 (2026)
GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in `src/filters/dmx_nhml.c`. The value of the xmlHeaderEnd XML attribute is copied from att->value into szXmlHeaderEnd[1000] using strcpy() without any length validation. If the input exceeds 1000 bytes, it overwrites beyond the

CVE-2026-4185 [MEDIUM] CVSS 5.3 (2026)
A vulnerability was found in GPAC up to 2.5-DEV-rev2167-gcc9d617c0-master. This vulnerability affects the function swf_def_bits_jpeg of the file src/scene_manager/swf_parse.c of the component MP4Box. The manipulation of the argument szName results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and could be

CVE-2026-4016 [MEDIUM] CVSS 4.8 (2026)
A security vulnerability has been detected in GPAC 26.03-DEV. Affected by this vulnerability is the function svgin_process of the file src/filters/load_svg.c of the component SVG Parser. The manipulation leads to out-of-bounds write. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used. The identifier of the patch is

CVE-2026-1415 [MEDIUM] CVSS 4.8 (2026)
A vulnerability was identified in GPAC up to 2.4.0. Affected is the function gf_media_export_webvtt_metadata of the file src/media_tools/media_export.c. The manipulation of the argument Name leads to null pointer dereference. The attack must be carried out locally. The exploit is publicly available and might be used. The identifier of the patch is af951b892dfbaaa38336b

CVE-2026-33144 [MEDIUM] CVSS 5.8 (2026)
GPAC is an open-source multimedia framework. Prior to commit 86b0e36, a heap-based buffer overflow (write) vulnerability was discovered in GPAC MP4Box. The vulnerability exists in the gf_xml_parse_bit_sequence_bs function in utils/xml_bin_custom.c when processing a crafted NHML file containing malicious (BitSequence) elements. An attacker can exploit this by providin

CVE-2026-1416 [MEDIUM] CVSS 4.8 (2026)
A security flaw has been discovered in GPAC up to 2.4.0. Affected by this vulnerability is the function DumpMovieInfo of the file applications/mp4box/filedump.c. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been released to the public and may be used for attacks. The patch is identified as d45

CVE-2026-1418 [MEDIUM] CVSS 4.8 (2026)
A security vulnerability has been detected in GPAC up to 2.4.0. This affects the function gf_text_import_srt_bifs of the file src/scene_manager/text_to_bifs.c of the component SRT Subtitle Import. Such manipulation leads to out-of-bounds write. The attack needs to be performed locally. The exploit has been disclosed publicly and may be used. The name of the patch is 10

CVE-2026-1417 [MEDIUM] CVSS 4.8 (2026)
A weakness has been identified in GPAC up to 2.4.0. Affected by this issue is the function dump_isom_rtp of the file applications/mp4box/filedump.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been made available to the public and could be used for attacks. Patch name: f96bd57c3ccdcde4335a0be28cd3e8fe29699

CVE-2026-4015 [MEDIUM] CVSS 4.8 (2026)
A weakness has been identified in GPAC 26.03-DEV. Affected is the function txtin_process_texml of the file src/filters/load_text.c of the component TeXML File Parser. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been made available to the public and could be used for attacks. Th

CVE-2025-70308 [HIGH] CVSS 7.5 (2025)
An out-of-bounds read in the GSF demuxer filter component of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted .gsf file.
Scope: local
bullseye: open

CVE-2025-25723 [HIGH] CVSS 8.4 (2025)
Buffer Overflow vulnerability in GPAC version 2.5 allows a local attacker to execute arbitrary code.
Scope: local
bullseye: open

CVE-2025-70298 [HIGH] CVSS 8.2 (2025)
GPAC v2.4.0 was discovered to contain an out-of-bounds read in the oggdmx_parse_tags function.
Scope: local
bullseye: open

CVE-2025-70307 [HIGH] CVSS 7.5 (2025)
A stack overflow in the dump_ttxt_sample function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted packet.
Scope: local
bullseye: open

CVE-2025-70304 [HIGH] CVSS 7.5 (2025)
A buffer overflow in the vobsub_get_subpic_duration() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted packet.
Scope: local
bullseye: open

CVE-2025-70302 [MEDIUM] CVSS 5.5 (2025)
A heap overflow in the ghi_dmx_declare_opid_bin() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
Scope: local
bullseye: open

CVE-2025-7797 [MEDIUM] CVSS 5.5 (2025)
A vulnerability was found in GPAC up to 2.4. It has been rated as problematic. Affected by this issue is the function gf_dash_download_init_segment of the file src/media_tools/dash_client.c. The manipulation of the argument base_init_url leads to null pointer dereference. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-70299 [MEDIUM] CVSS 6.5 (2025)
A heap overflow in the avi_parse_input_file() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted AVI file.
Scope: local
bullseye: open

CVE-2025-70303 [MEDIUM] CVSS 5.5 (2025)
A heap overflow in the uncv_parse_config() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
Scope: local
bullseye: open

CVE-2025-70309 [MEDIUM] CVSS 5.5 (2025)
A stack overflow in the pcmreframe_flush_packet function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted WAV file.
Scope: local
bullseye: open

CVE-2025-70310 [MEDIUM] CVSS 5.5 (2025)
A heap overflow in the vorbis_to_intern() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted .ogg file.
Scope: local
bullseye: open