{"id":"MGASA-2025-0090","summary":"Updated gpac packages fix security vulnerabilities","details":"Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2.\n(CVE-2023-5520)\nStack-based Buffer Overflow in GitHub repository gpac/gpac prior to\n2.3-DEV. (CVE-2024-0321)\nOut-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.\n(CVE-2024-0322)\n","modified":"2026-04-16T00:10:15.663146831Z","published":"2025-03-08T01:26:59Z","upstream":["CVE-2023-5520","CVE-2024-0321","CVE-2024-0322"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2025-0090.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=34071"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7320-1"}],"affected":[{"package":{"name":"gpac","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/gpac?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.2.1-1.2.mga9.tainted"}]}],"ecosystem_specific":{"section":"tainted"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2025-0090.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}