Amazon Linux 2023 : gstreamer1-plugins-good, gstreamer1-plugins-good-gtk (ALAS2023-2025-1185)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1185 advisory. In GStreamer through 1.26.1, the isomp4 plugin's qtdemuxparsetree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure. CVE-2025-47183 I...