45 matches found
CVE-2026-46469
An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemuxparsetrak function does not sufficiently validate atom data before performing division operations, leading to denial of service due to integer division by zero...
Astra Linux - уязвимость в gst-plugins-good1.0
GStreamer is a library for constructing graphs of media-handling components. An out-of-bounds read has been detected in the function qtdemuxparsesamples within qtdemux.c. This issue occurs when the function qtdemuxparsesamples reads data beyond the boundaries of the stream-stco buffer. The...
Division by zero
Overview Affected versions of this package are vulnerable to Division by zero in the qtdemuxparsetrak function when parsing MP4 audio tracks. An attacker can cause a crash by supplying crafted atom data that triggers a division by zero. Remediation A fix was pushed into the master branch but not...
CVE-2026-46469
An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemuxparsetrak function does not sufficiently validate atom data before performing division operations, leading to denial of service due to integer division by zero...
CVE-2026-46469
GStreamer gst-plugins-good prior to 1.28.2 contains a vulnerability in the isomp4 plugin (qtdemux_parse_trak) where insufficient validation of MP4 atom data allows integer division by zero, causing denial of service. The issue is fixed in 1.28.2 (see MR 11243; security advisory SA-2026-0018). No ...
CVE-2026-46469
An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemuxparsetrak function does not sufficiently validate atom data before performing division operations, leading to denial of service due to integer division by zero...
BIT-JRE-2024-47545 GHSL-2024-242: GStreamer has an integer underflow in FOURCC_strf parsing leading to OOB-read
GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in qtdemuxparsetrak function within qtdemux.c. During the strf parsing case, the subtraction size -= 40 can lead to a negative integer overflow if it is less than 40. If this happen...
BIT-JAVA-MIN-2024-47597 GHSL-2024-245: GStreamer has an OOB-read in qtdemux_parse_samples
GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been detected in the function qtdemuxparsesamples within qtdemux.c. This issue arises when the function qtdemuxparsesamples reads data beyond the boundaries of the stream-stco buffer. The following code...
BIT-JAVA-2024-47597 GHSL-2024-245: GStreamer has an OOB-read in qtdemux_parse_samples
GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been detected in the function qtdemuxparsesamples within qtdemux.c. This issue arises when the function qtdemuxparsesamples reads data beyond the boundaries of the stream-stco buffer. The following code...
BIT-JAVA-MIN-2024-47545 GHSL-2024-242: GStreamer has an integer underflow in FOURCC_strf parsing leading to OOB-read
GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in qtdemuxparsetrak function within qtdemux.c. During the strf parsing case, the subtraction size -= 40 can lead to a negative integer overflow if it is less than 40. If this happen...
BIT-JAVA-2024-47544 GHSL-2024-238: GStreamer has NULL-pointer dereferences in MP4/MOV demuxer CENC handling
GStreamer is a library for constructing graphs of media-handling components. The function qtdemuxparsesbgp in qtdemux.c is affected by a null dereference vulnerability. This vulnerability is fixed in 1.24.10...
PT-2026-37839
In GStreamer through 1.26.1, the isomp4 plugin's qtdemux parse trak function may read past the end of a heap buffer while parsing an MP4 file, possibly leading to information disclosure...
Amazon Linux 2023 : gstreamer1-plugins-good, gstreamer1-plugins-good-gtk (ALAS2023-2025-1185)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1185 advisory. In GStreamer through 1.26.1, the isomp4 plugin's qtdemuxparsetree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure. CVE-2025-47183 I...
TencentOS Server 4: gstreamer1-plugins-good (TSSA-2025:0705)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0705 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Linux Distros Unpatched Vulnerability : CVE-2025-47183
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GStreamer through 1.26.1, the isomp4 plugin's qtdemuxparsetree function may read past the end of a heap buffer while parsing an MP4 file, leading to...
CVE-2025-47183
In GStreamer through 1.26.1, the isomp4 plugin's qtdemuxparsetree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the qtdemuxparsetrak function when parsing certain MP4 files. An attacker can access sensitive information by crafting a malicious MP4 file that triggers a read past the end of a heap buffer. Remediation Upgrade...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the qtdemuxparsetree function when parsing certain MP4 files. An attacker can access sensitive information by crafting a malicious MP4 file that triggers a read past the end of a heap buffer. Remediation Upgrade...
GStreamer 安全漏洞
GStreamer is an open source set of frameworks for processing streaming media from GStreamer. A security vulnerability exists in GStreamer 1.26.1 and earlier versions, which stems from an out-of-bounds read in the qtdemuxparsetree function that could lead to information disclosure...
CVE-2025-47183
In GStreamer through 1.26.1, the isomp4 plugin's qtdemuxparsetree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure...