An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is a use-after-free in the function gfisomboxdel() in isomedia/boxfuncs.c.
{
"source": [
"CPE_STRING",
"REFERENCES"
],
"cpe": [
"cpe:2.3:a:gpac:gpac:0.8.0:*:*:*:*:*:*:*",
"cpe:2.3:a:gpac:gpac:1.0.1:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "0.8.0"
},
{
"last_affected": "0.8.0"
},
{
"introduced": "1.0.1"
},
{
"last_affected": "1.0.1"
}
]
}"2026-07-08T20:42:52Z"
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-35980.json"
[
{
"id": "CVE-2020-35980-2584e63c",
"digest": {
"line_hashes": [
"139991027599417698348241601356380543408",
"158493532124933156359690118726248976402",
"151916941483150121033990496184157102716",
"37132822800526523427193058716736895290"
],
"threshold": 0.9
},
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/gpac/gpac/commit/5aba27604d957e960d8069d85ccaf868f8a7b07a",
"deprecated": false,
"target": {
"file": "src/isomedia/isom_store.c"
}
},
{
"id": "CVE-2020-35980-894d4aca",
"digest": {
"function_hash": "9488008706260917365735574736960080132",
"length": 230.0
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/gpac/gpac/commit/5aba27604d957e960d8069d85ccaf868f8a7b07a",
"deprecated": false,
"target": {
"function": "CleanWriters",
"file": "src/isomedia/isom_store.c"
}
}
]