4 matches found
OESA-2026-2146 gstreamer1-plugins-good security update
Security Fixes: An incomplete fix for CVE-2024-47778 allows an out-of-bounds read in gstwavparseadtlchunk function. The patch added a size validation check lsize + 8 size, but it does not account for the GSTROUNDUP2lsize used in the actual offset calculation. When lsize is an odd number, the pars...
Amazon Linux 2 : gstreamer-plugins-good, --advisory ALAS2-2026-3250 (ALAS-2026-3250)
The version of gstreamer-plugins-good installed on the remote host is prior to 0.10.31-20. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3250 advisory. An out-of-bounds read in the WAV parser that can cause crashes for certain input files. CVE-2026-1940 Tenable has...
Medium: gstreamer1-plugins-good
Issue Overview: In GStreamer through 1.26.1, the isomp4 plugin's qtdemuxparsetree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure. CVE-2025-47183 In GStreamer through 1.26.1, the isomp4 plugin's qtdemuxparsetrak function may read past t...
The vulnerability of the Good plugin (gst-plugins-good) in the Gstreamer multimedia framework allows a perpetrator to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.
The vulnerability of the Good gst-plugins-good plugin of the Gstreamer multimedia framework is related to insufficient protection of sensitive data due to the absence of security updates on the remote host. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protect...