{"id":"CVE-2018-7752","details":"GPAC through 0.7.1 has a Buffer Overflow in the gf_media_avc_read_sps function in media_tools/av_parsers.c, a different vulnerability than CVE-2018-1000100.","modified":"2026-04-16T04:44:22.133662916Z","published":"2018-03-07T23:29:00.227Z","references":[{"type":"ADVISORY","url":"https://github.com/gpac/gpac/issues/997"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00040.html"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3926-1/"},{"type":"FIX","url":"https://github.com/gpac/gpac/commit/90dc7f853d31b0a4e9441cba97feccf36d8b69a4"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/gpac/gpac","events":[{"introduced":"0"},{"last_affected":"440d475f133038824dab08292b2e592ecd0e10b4"},{"fixed":"90dc7f853d31b0a4e9441cba97feccf36d8b69a4"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.7.1"}]}}],"versions":["v0.5.2","v0.6.0","v0.7.0","v0.7.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-7752.json","vanir_signatures":[{"source":"https://github.com/gpac/gpac/commit/90dc7f853d31b0a4e9441cba97feccf36d8b69a4","target":{"file":"src/media_tools/av_parsers.c"},"signature_version":"v1","signature_type":"Line","id":"CVE-2018-7752-63d6b9e4","digest":{"threshold":0.9,"line_hashes":["126278262280082924569126296262658050095","216744762104095911564842467962014526151","185528809904418896263298838658771015070","82019032688158171395653300683678265532"]},"deprecated":false},{"id":"CVE-2018-7752-a11244e8","target":{"function":"gf_isom_oinf_read_entry","file":"src/isomedia/avc_ext.c"},"signature_version":"v1","digest":{"function_hash":"304120248244333354557418027366474785790","length":2763},"deprecated":false,"source":"https://github.com/gpac/gpac/commit/90dc7f853d31b0a4e9441cba97feccf36d8b69a4","signature_type":"Function"},{"id":"CVE-2018-7752-aff726a8","deprecated":false,"signature_version":"v1","target":{"file":"src/isomedia/avc_ext.c"},"source":"https://github.com/gpac/gpac/commit/90dc7f853d31b0a4e9441cba97feccf36d8b69a4","signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["295339302565018842375956707355292689207","29657044900789720080592810689116249472","42913939931583720813834950435861223960","291072213468306446369447858881885330643"]}},{"id":"CVE-2018-7752-d581bdcd","deprecated":false,"signature_version":"v1","target":{"function":"gf_media_avc_read_sps","file":"src/media_tools/av_parsers.c"},"source":"https://github.com/gpac/gpac/commit/90dc7f853d31b0a4e9441cba97feccf36d8b69a4","signature_type":"Function","digest":{"function_hash":"314564875933234793018417200996154708666","length":7127}}],"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.10"}]}],"vanir_signatures_modified":"2026-04-11T14:11:09Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}