{"id":"OSV-2024-719","summary":"Heap-buffer-overflow in hevc_ref_pic_lists_modification","details":"OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=70890\n\n```\nCrash type: Heap-buffer-overflow WRITE 4\nCrash state:\nhevc_ref_pic_lists_modification\ngf_hevc_parse_nalu_bs\ngf_inspect_dump_nalu_internal\n```\n","modified":"2026-05-25T14:33:08.342071Z","published":"2024-08-07T00:05:22.699506Z","references":[{"type":"REPORT","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=70890"}],"affected":[{"package":{"name":"gpac","ecosystem":"OSS-Fuzz","purl":"pkg:generic/gpac"},"ranges":[{"type":"GIT","repo":"https://github.com/gpac/gpac","events":[{"introduced":"21cf0d2d4a0d6e5d14ffaa8472c9157f1333d379"}]}],"versions":["testtag0.1","abi-12","abi-12.16","abi-12.17","abi-12.18","abi-12.19","abi-12.20","abi-12.21","abi-12.22","abi-12.23","abi-12.24","abi-12.25","abi-12.26","abi-12.27","abi-13","abi-13.0","abi-14","abi-14.0","abi-15","abi-15.0","abi-15.1","abi-15.2","abi-16","abi-16.2","abi-16.3","abi-16.4","abi-16.5","v26.02.0","abi-16.6","abi-16.7","abi-16.8","abi-16.9","abi-16.10","abi-16.11","abi-16.12","abi-16.13","abi-16.14"],"ecosystem_specific":{"severity":"HIGH"},"database_specific":{"source":"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/gpac/OSV-2024-719.yaml","introduced_range":"cf9017e7f44c1d0c9a4e520083aece0d3ab329f7:df8121066cf8fb25cc70adf7ca8b35bda82fe216"}}],"schema_version":"1.7.5"}