Lucian-2333

**Name of the Vulnerable Software and Affected Versions** GPAC versions prior to 26.02.0 **Description** A flaw in the `sidx box read()` function within the `src/isomedia/box code base.c` file allows for the allocation of resources through manipulation. This issue requires local access to be exploited. **Recommendations** Install the patch identified as 442e2299530138d8f874fd885c565ba98a6318ba.

**Name of the Vulnerable Software and Affected Versions** GPAC versions prior to 26.03-DEV-rev105-g8f39a1eb3-master **Description** A flaw in the MP4Box component allows an out-of-bounds read, which occurs when the `elng` argument is manipulated within the `elng box read()` function located in the `src/isomedia/box code base.c` file. This issue requires local access to be exploited. **Recommendations** Upgrade the affected component to a version that includes patch cf6ac48c972eaaee2af270adc3f36615325deb3e.