Astra Linux - уязвимость в gstreamer1.0, gst-plugins-good1.0

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemuxparsetheoraextension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended...

OESA-2026-2210 libtheora security update

Theora is a free and open video compression format from the Xiph.org Foundation. Like all our multimedia technology it can be used to distribute film and video online and on disc without the licensing and royalty fees or vendor lock-in associated with other formats. Security Fixes: A flaw was fou...

BIT-JRE-2024-47606 GHSL-2024-166: GStreamer Integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemuxparsetheoraextension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended...

PT-2026-38837

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux parse theora extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended...

BIT-JAVA-MIN-2024-47606 GHSL-2024-166: GStreamer Integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemuxparsetheoraextension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended...

BIT-JAVA-2024-47606 GHSL-2024-166: GStreamer Integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemuxparsetheoraextension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended...

PT-2026-37816

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux parse theora extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended...

PT-2026-38023

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux parse theora extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended...

CVE-2026-5673

A flaw was found in libtheora. This heap-based out-of-bounds read vulnerability exists within the AVI Audio Video Interleave parser, specifically in the aviparseinputfile function. A local attacker could exploit this by tricking a user into opening a specially crafted AVI file containing a...

CVE-2026-5673

CVE-2026-5673 affects libtheora’s AVI parser. The flaw is a heap-based out-of-bounds read in the avi_parse_input_file() function triggered by a crafted AVI file with a truncated header sub-chunk. Local attackers can exploit this by tricking a user into opening such a file, leading to a potential ...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the aviparseinputfile process. An attacker can cause application crashes or leak sensitive information from memory by convincing a user to open a specially crafted AVI file containing a truncated header sub-chunk...

Theora 缓冲区错误漏洞

Theora is a reference implementation of Theora video compression format developed by Xiph open-source projects. Theora has a buffer error vulnerability, which stems from a heap out-of-bounds read in the aviparseinputfile function of the AVI parser. This vulnerability could lead to denial-of-servi...

CLSA-2025-1764774571 gstreamer1: Fix of CVE-2024-47606

CVE-2024-47606: fix integer overflow when allocating sysmem and avoid integer overflow in qtdemux theora extension parsing...

CLSA-2025-1764325574 gstreamer1-plugins-good: Fix of CVE-2024-47606

CVE-2024-47606: qtdemux: avoid integer overflow when parsing Theora extension - Fix documentation build with the newer gtk-doc...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: gstreamer1 (UTSA-2025-988621)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988621 advisory. GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemuxparsetheoraextension withi...

OESA-2025-2439 gstreamer1 security update

GStreamer1 implements a framework that allows for processing and encoding of multimedia sources in a manner similar to a shell pipeline. Security Fixes: GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function...

OESA-2025-2440 gstreamer1 security update

GStreamer1 implements a framework that allows for processing and encoding of multimedia sources in a manner similar to a shell pipeline. Security Fixes: GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function...

OESA-2025-2438 gstreamer1 security update

GStreamer1 implements a framework that allows for processing and encoding of multimedia sources in a manner similar to a shell pipeline. Security Fixes: GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function...

OESA-2025-2437 gstreamer1 security update

GStreamer1 implements a framework that allows for processing and encoding of multimedia sources in a manner similar to a shell pipeline. Security Fixes: GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function...

OESA-2025-2436 gstreamer1 security update

GStreamer1 implements a framework that allows for processing and encoding of multimedia sources in a manner similar to a shell pipeline. Security Fixes: GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function...