UBUNTU-CVE-2026-1418
- Source
- https://ubuntu.com/security/CVE-2026-1418
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-1418.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2026-1418
- Upstream
- Published
- 2026-01-26T04:16:00Z
- Modified
- 2026-01-30T21:03:25.273080Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CVSS Calculator
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- 1.9 (Low) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
A security vulnerability has been detected in GPAC up to 2.4.0. This affects the function gftextimportsrtbifs of the file src/scenemanager/textto_bifs.c of the component SRT Subtitle Import. Such manipulation leads to out-of-bounds write. The attack needs to be performed locally. The exploit has been disclosed publicly and may be used. The name of the patch is 10c73b82cf0e367383d091db38566a0e4fe71772. It is best practice to apply a patch to resolve this issue.
- References
-
- https://ubuntu.com/security/CVE-2026-1418
- https://www.cve.org/CVERecord?id=CVE-2026-1418
- https://github.com/enocknt/gpac/commit/10c73b82cf0e367383d091db38566a0e4fe71772
- https://github.com/gpac/gpac/issues/3425
- https://github.com/gpac/gpac/issues/3425#issue-3801961068
- https://vuldb.com/?ctiid.342807
- https://vuldb.com/?id.342807
- https://vuldb.com/?submit.736544
Affected packages
Ubuntu:Pro:14.04:LTS
gpac
Package
- Name
- gpac
- Purl
- pkg:deb/ubuntu/gpac@0.5.0+svn4288~dfsg1-4ubuntu1+esm2?arch=source&distro=esm-infra-legacy/trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
0.*
0.5.0+svn4288~dfsg1-1ubuntu1
0.5.0+svn4288~dfsg1-4
0.5.0+svn4288~dfsg1-4ubuntu1
0.5.0+svn4288~dfsg1-4ubuntu1+esm1
0.5.0+svn4288~dfsg1-4ubuntu1+esm2
Ecosystem specific
{
"binaries": [
{
"binary_version": "0.5.0+svn4288~dfsg1-4ubuntu1+esm2",
"binary_name": "gpac"
},
{
"binary_version": "0.5.0+svn4288~dfsg1-4ubuntu1+esm2",
"binary_name": "gpac-modules-base"
},
{
"binary_version": "0.5.0+svn4288~dfsg1-4ubuntu1+esm2",
"binary_name": "libgpac-dev"
},
{
"binary_version": "0.5.0+svn4288~dfsg1-4ubuntu1+esm2",
"binary_name": "libgpac2"
}
]
}Ubuntu:Pro:16.04:LTS
gpac
Package
- Name
- gpac
- Purl
- pkg:deb/ubuntu/gpac@0.5.2-426-gc5ad4e4+dfsg5-1ubuntu0.1+esm2?arch=source&distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
0.*
0.5.2-426-gc5ad4e4+dfsg5-1build1
0.5.2-426-gc5ad4e4+dfsg5-1ubuntu0.1
0.5.2-426-gc5ad4e4+dfsg5-1ubuntu0.1+esm2
Ecosystem specific
{
"binaries": [
{
"binary_version": "0.5.2-426-gc5ad4e4+dfsg5-1ubuntu0.1+esm2",
"binary_name": "gpac"
},
{
"binary_version": "0.5.2-426-gc5ad4e4+dfsg5-1ubuntu0.1+esm2",
"binary_name": "gpac-modules-base"
},
{
"binary_version": "0.5.2-426-gc5ad4e4+dfsg5-1ubuntu0.1+esm2",
"binary_name": "libgpac-dev"
},
{
"binary_version": "0.5.2-426-gc5ad4e4+dfsg5-1ubuntu0.1+esm2",
"binary_name": "libgpac4"
}
]
}Ubuntu:Pro:18.04:LTS
gpac
Package
- Name
- gpac
- Purl
- pkg:deb/ubuntu/gpac@0.5.2-426-gc5ad4e4+dfsg5-3ubuntu0.1+esm1?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
0.*
0.5.2-426-gc5ad4e4+dfsg5-3
0.5.2-426-gc5ad4e4+dfsg5-3ubuntu0.1
0.5.2-426-gc5ad4e4+dfsg5-3ubuntu0.1+esm1
Ecosystem specific
{
"binaries": [
{
"binary_version": "0.5.2-426-gc5ad4e4+dfsg5-3ubuntu0.1+esm1",
"binary_name": "gpac"
},
{
"binary_version": "0.5.2-426-gc5ad4e4+dfsg5-3ubuntu0.1+esm1",
"binary_name": "gpac-modules-base"
},
{
"binary_version": "0.5.2-426-gc5ad4e4+dfsg5-3ubuntu0.1+esm1",
"binary_name": "libgpac-dev"
},
{
"binary_version": "0.5.2-426-gc5ad4e4+dfsg5-3ubuntu0.1+esm1",
"binary_name": "libgpac4"
}
]
}Ubuntu:Pro:20.04:LTS
gpac
Package
- Name
- gpac
- Purl
- pkg:deb/ubuntu/gpac@0.5.2-426-gc5ad4e4+dfsg5-5ubuntu0.1~esm2?arch=source&distro=esm-apps/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
0.*
0.5.2-426-gc5ad4e4+dfsg5-4ubuntu1
0.5.2-426-gc5ad4e4+dfsg5-5
0.5.2-426-gc5ad4e4+dfsg5-5ubuntu0.1~esm2
Ecosystem specific
{
"binaries": [
{
"binary_version": "0.5.2-426-gc5ad4e4+dfsg5-5ubuntu0.1~esm2",
"binary_name": "gpac"
},
{
"binary_version": "0.5.2-426-gc5ad4e4+dfsg5-5ubuntu0.1~esm2",
"binary_name": "gpac-modules-base"
},
{
"binary_version": "0.5.2-426-gc5ad4e4+dfsg5-5ubuntu0.1~esm2",
"binary_name": "libgpac-dev"
},
{
"binary_version": "0.5.2-426-gc5ad4e4+dfsg5-5ubuntu0.1~esm2",
"binary_name": "libgpac4"
}
]
}Ubuntu:Pro:22.04:LTS
gpac
Package
- Name
- gpac
- Purl
- pkg:deb/ubuntu/gpac@2.0.0+dfsg1-2ubuntu0.1~esm2?arch=source&distro=esm-apps/jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_version": "2.0.0+dfsg1-2ubuntu0.1~esm2",
"binary_name": "gpac"
},
{
"binary_version": "2.0.0+dfsg1-2ubuntu0.1~esm2",
"binary_name": "gpac-modules-base"
},
{
"binary_version": "2.0.0+dfsg1-2ubuntu0.1~esm2",
"binary_name": "libgpac-dev"
},
{
"binary_version": "2.0.0+dfsg1-2ubuntu0.1~esm2",
"binary_name": "libgpac11"
}
]
}Ubuntu:Pro:24.04:LTS
gpac
Package
- Name
- gpac
- Purl
- pkg:deb/ubuntu/gpac@2.2.1+dfsg1-3.1ubuntu0.1~esm2?arch=source&distro=esm-apps/noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.2.1+dfsg1-3
2.2.1+dfsg1-3.1
2.2.1+dfsg1-3.1build1
2.2.1+dfsg1-3.1build2
2.2.1+dfsg1-3.1ubuntu0.1~esm2
Ecosystem specific
{
"binaries": [
{
"binary_version": "2.2.1+dfsg1-3.1ubuntu0.1~esm2",
"binary_name": "gpac"
},
{
"binary_version": "2.2.1+dfsg1-3.1ubuntu0.1~esm2",
"binary_name": "gpac-modules-base"
},
{
"binary_version": "2.2.1+dfsg1-3.1ubuntu0.1~esm2",
"binary_name": "libgpac-dev"
},
{
"binary_version": "2.2.1+dfsg1-3.1ubuntu0.1~esm2",
"binary_name": "libgpac12t64"
}
]
}