Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2025-70299
CVE-2025-70299
A heap overflow in the avi_parse_input_file() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted AVI file.
Published Feb 2, 2026
https://github.com/zakkanijia/POC/blob/main/gpac_avi/GPAC_AVI_indx_heap_overflow.md
CVSS Score
Medium
6.5
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
rpm
gpac
2.4.0-7.el10_1
rpm
gpac-debuginfo
2.4.0-7.el10_1
rpm
gpac-debugsource
2.4.0-7.el10_1
rpm
gpac-devel
2.4.0-7.el10_1
rpm
gpac-doc
2.4.0-7.el10_1
rpm
gpac-libs
2.4.0-7.el10_1
rpm
gpac-libs-debuginfo
2.4.0-7.el10_1
rpm
gpac-static
2.4.0-7.el10_1
1-8 of 8
CVE-2025-70299 | Components Impacted | Sonatype Guide | Sonatype Guide
