{"id":"CVE-2018-20760","details":"In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because a certain -1 return value is mishandled.","modified":"2026-04-16T04:40:45.843079789Z","published":"2019-02-06T23:29:00.230Z","references":[{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00040.html"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3926-1/"},{"type":"FIX","url":"https://github.com/gpac/gpac/commit/4c1360818fc8948e9307059fba4dc47ba8ad255d"},{"type":"EVIDENCE","url":"https://github.com/gpac/gpac/issues/1177"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/gpac/gpac","events":[{"introduced":"0"},{"last_affected":"440d475f133038824dab08292b2e592ecd0e10b4"},{"fixed":"4c1360818fc8948e9307059fba4dc47ba8ad255d"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.7.1"}]}}],"versions":["v0.5.2","v0.6.0","v0.7.0","v0.7.1"],"database_specific":{"vanir_signatures":[{"digest":{"line_hashes":["166482483231269289728412799493455409256","294305885484496685493816442798177987069","339237291132411872005631746324972709639","275142320839685856229007254720329448643"],"threshold":0.9},"deprecated":false,"signature_version":"v1","target":{"file":"src/media_tools/text_import.c"},"id":"CVE-2018-20760-0f0f89f8","source":"https://github.com/gpac/gpac/commit/4c1360818fc8948e9307059fba4dc47ba8ad255d","signature_type":"Line"},{"digest":{"function_hash":"99797345829505119259293328342837626094","length":1613},"deprecated":false,"signature_version":"v1","target":{"function":"gf_text_get_utf8_line","file":"src/media_tools/text_import.c"},"signature_type":"Function","source":"https://github.com/gpac/gpac/commit/4c1360818fc8948e9307059fba4dc47ba8ad255d","id":"CVE-2018-20760-5f3fa077"}],"vanir_signatures_modified":"2026-04-11T14:54:37Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-20760.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.10"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}