CVE-2025-70302
BaseFortify
Publication date: 2026-01-15
Last updated on: 2026-01-15
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| gpac | gpac | 2.4.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-122 | A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). |
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include avoiding the use of GPAC v2.4.0 with untrusted inputs, applying any available patches or updates from the GPAC project, and monitoring for updates or advisories related to this heap overflow vulnerability. [1]
Can you explain this vulnerability to me?
This vulnerability is a heap overflow in the ghi_dmx_declare_opid_bin() function of GPAC version 2.4.0. It allows attackers to cause a Denial of Service (DoS) by providing crafted input that triggers the overflow.
How can this vulnerability impact me? :
The vulnerability can impact you by causing a Denial of Service (DoS) condition, which means the affected system or application may crash or become unavailable when processing maliciously crafted input.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves identifying the presence of the vulnerable GPAC v2.4.0 version and monitoring for crashes or abnormal behavior related to the ghi_dmx_declare_opid_bin() function when processing inputs. Specific commands or detection scripts are not provided in the available resources. [1]