Lucene search
+L

14 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:29 p.m.15 views

CVE-2026-46469

An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemuxparsetrak function does not sufficiently validate atom data before performing division operations, leading to denial of service due to integer division by zero...

5.5CVSS5.4AI score0.00101EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/14 7:16 p.m.8 views

Division by zero

Overview Affected versions of this package are vulnerable to Division by zero in the qtdemuxparsetrak function when parsing MP4 audio tracks. An attacker can cause a crash by supplying crafted atom data that triggers a division by zero. Remediation A fix was pushed into the master branch but not...

5.5CVSS5.8AI score0.00101EPSS
Exploits0References2
NVD
NVD
added 2026/05/14 6:16 p.m.12 views

CVE-2026-46469

An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemuxparsetrak function does not sufficiently validate atom data before performing division operations, leading to denial of service due to integer division by zero...

5.5CVSS0.00101EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/14 5:38 p.m.39 views

CVE-2026-46469

An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemuxparsetrak function does not sufficiently validate atom data before performing division operations, leading to denial of service due to integer division by zero...

4CVSS0.00101EPSS
Exploits0References2
CVE
CVE
added 2026/05/14 5:38 p.m.32 views

CVE-2026-46469

GStreamer gst-plugins-good prior to 1.28.2 contains a vulnerability in the isomp4 plugin (qtdemux_parse_trak) where insufficient validation of MP4 atom data allows integer division by zero, causing denial of service. The issue is fixed in 1.28.2 (see MR 11243; security advisory SA-2026-0018). No ...

5.5CVSS5.8AI score0.00101EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/05/08 5:46 a.m.8 views

BIT-JRE-2024-47545 GHSL-2024-242: GStreamer has an integer underflow in FOURCC_strf parsing leading to OOB-read

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in qtdemuxparsetrak function within qtdemux.c. During the strf parsing case, the subtraction size -= 40 can lead to a negative integer overflow if it is less than 40. If this happen...

7.5CVSS6.8AI score0.01072EPSS
Exploits0References5
OSV
OSV
added 2026/05/06 2:44 p.m.5 views

BIT-JAVA-MIN-2024-47545 GHSL-2024-242: GStreamer has an integer underflow in FOURCC_strf parsing leading to OOB-read

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in qtdemuxparsetrak function within qtdemux.c. During the strf parsing case, the subtraction size -= 40 can lead to a negative integer overflow if it is less than 40. If this happen...

7.5CVSS6.8AI score0.01072EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.17 views

PT-2026-37839

In GStreamer through 1.26.1, the isomp4 plugin's qtdemux parse trak function may read past the end of a heap buffer while parsing an MP4 file, possibly leading to information disclosure...

8.1CVSS6.9AI score0.00625EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/09/15 12:0 a.m.8 views

Amazon Linux 2023 : gstreamer1-plugins-good, gstreamer1-plugins-good-gtk (ALAS2023-2025-1185)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1185 advisory. In GStreamer through 1.26.1, the isomp4 plugin's qtdemuxparsetree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure. CVE-2025-47183 I...

8.1CVSS7.9AI score0.00625EPSS
Exploits2References6
Snyk
Snyk
added 2025/08/07 7:43 p.m.6 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the qtdemuxparsetrak function when parsing certain MP4 files. An attacker can access sensitive information by crafting a malicious MP4 file that triggers a read past the end of a heap buffer. Remediation Upgrade...

8.8CVSS6.6AI score0.00625EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/08/07 12:0 a.m.6 views

GStreamer 安全漏洞

GStreamer is an open source set of frameworks for processing streaming media from GStreamer. A security vulnerability exists in GStreamer 1.26.1 and earlier versions, which stems from an out-of-bounds read in the qtdemuxparsetrak function that could lead to information disclosure...

8.1CVSS6.1AI score0.00625EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2025/01/29 12:0 a.m.6 views

The vulnerability of the qtdemux_parse_trak function in the Gstreamer multimedia framework allows a hacker to execute arbitrary code.

The vulnerability of the qtdemuxparsetrak function in the Gstreamer multimedia framework is related to integer overflow. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.8CVSS7.3AI score0.01072EPSS
Exploits0References13Affected Software13
OSV
OSV
added 2024/12/12 2:3 a.m.3 views

DEBIAN-CVE-2024-47545

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in qtdemuxparsetrak function within qtdemux.c. During the strf parsing case, the subtraction size -= 40 can lead to a negative integer overflow if it is less than 40. If this happen...

7.5CVSS6.7AI score0.01072EPSS
Exploits0References1
OSV
OSV
added 2024/12/12 12:0 a.m.14 views

UBUNTU-CVE-2024-47545

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in qtdemuxparsetrak function within qtdemux.c. During the strf parsing case, the subtraction size -= 40 can lead to a negative integer overflow if it is less than 40. If this happen...

7.5CVSS7.1AI score0.01072EPSS
Exploits0References5
Rows per page
Query Builder