Debian · Gpac · CVE-2026-39103
**Name of the Vulnerable Software and Affected Versions**
GPAC versions prior to commit v391dc7f4d234988ea0bc3cc294eb725eddf8f702
**Description**
A buffer overflow allows an attacker to cause a denial of service. This issue occurs within the `src/scenegraph/svg attributes.c` file, specifically involving the `svg parse strings()` and `gf svg parse attribute()` functions.
**Recommendations**
Update to the version containing commit v391dc7f4d234988ea0bc3cc294eb725eddf8f702.
As a temporary workaround, restrict the use of the `svg parse strings()` and `gf svg parse attribute()` functions.