Gstreamer Project

Gstreamer

80 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.6

CVE-2025-47808

Exploit
  • EPSS 0.11%
  • Veröffentlicht 07.08.2025 00:00:00
  • Zuletzt bearbeitet 12.08.2025 16:40:02

In GStreamer through 1.26.1, the subparse plugin's tmplayer_parse_line function may dereference a NULL pointer while parsing a subtitle file, leading to a crash.

5.5

CVE-2025-47807

Exploit
  • EPSS 0.02%
  • Veröffentlicht 07.08.2025 00:00:00
  • Zuletzt bearbeitet 12.08.2025 16:40:33

In GStreamer through 1.26.1, the subparse plugin's subrip_unescape_formatting function may dereference a NULL pointer while parsing a subtitle file, leading to a crash.

5.6

CVE-2025-47806

Exploit
  • EPSS 0.09%
  • Veröffentlicht 07.08.2025 00:00:00
  • Zuletzt bearbeitet 12.08.2025 16:40:42

In GStreamer through 1.26.1, the subparse plugin's parse_subrip_time function may write data past the bounds of a stack buffer, leading to a crash.

8.1

CVE-2025-47219

Exploit
  • EPSS 0.11%
  • Veröffentlicht 07.08.2025 00:00:00
  • Zuletzt bearbeitet 12.08.2025 16:40:49

In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_trak function may read past the end of a heap buffer while parsing an MP4 file, possibly leading to information disclosure.

6.6

CVE-2025-47183

Exploit
  • EPSS 0.02%
  • Veröffentlicht 07.08.2025 00:00:00
  • Zuletzt bearbeitet 12.08.2025 16:40:56

In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_tree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure.

7.8

CVE-2025-6663

  • EPSS 0.05%
  • Veröffentlicht 07.07.2025 14:58:01
  • Zuletzt bearbeitet 14.08.2025 13:44:33

GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to ex...

7.8

CVE-2025-2759

  • EPSS 0.01%
  • Veröffentlicht 22.05.2025 00:57:49
  • Zuletzt bearbeitet 13.08.2025 16:29:40

GStreamer Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of GStreamer. An attacker must first obtain the ability to execute low-priv...

8.8

CVE-2025-3887

  • EPSS 0.22%
  • Veröffentlicht 22.05.2025 00:47:04
  • Zuletzt bearbeitet 13.08.2025 15:57:22

GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to ex...

7.5

CVE-2024-47835

  • EPSS 0.17%
  • Veröffentlicht 12.12.2024 02:03:43
  • Zuletzt bearbeitet 18.12.2024 19:45:03

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been detected in the parse_lrc function within gstsubparse.c. The parse_lrc function calls strchr() to find the character ']' in...

9.1

CVE-2024-47834

  • EPSS 0.25%
  • Veröffentlicht 12.12.2024 02:03:43
  • Zuletzt bearbeitet 18.12.2024 19:43:02

GStreamer is a library for constructing graphs of media-handling components. An Use-After-Free read vulnerability has been discovered affecting the processing of CodecPrivate elements in Matroska streams. In the GST_MATROSKA_ID_CODECPRIVATE case with...