CVEs affecting projects tracked on Release Alert, from NVD & OSV.
GPAC v2.4.0 was discovered to contain an out-of-bounds read in the oggdmx_parse_tags function.