CNNVD-202601-2602 Information

CNNVD ID

CNNVD-202601-2602

Related CVE

CVE-2025-70298

• CNNVD Published: 2026-01-15

Description (Chinese)

GPAC是GPAC开源的一款开源的多媒体框架。 GPAC v2.4.0版本存在安全漏洞，该漏洞源于oggdmx_parse_tags函数存在越界读取，可能导致拒绝服务。

Description (English)

GPAC is an open-source multimedia framework for GPS open sources. GPAC v2.4.0 has a security loophole, which stems from the presence of the oggdmx parse tags function across borders, which may lead to the denial of services.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

GPAC

Published

2026-01-15

Last Modified

2026-02-24

References

https://github.com/zakkanijia/POC/blob/main/dmx_ogg/GPAC_oggdmx_parse_tags_offbyone.md https://access.redhat.com/security/cve/cve-2025-70298