BIT-JRE-2024-47778 GHSL-2024-258: GStreamer has an OOB-read in gst_wavparse_adtl_chunk

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in gstwavparseadtlchunk within gstwavparse.c. This vulnerability arises due to insufficient validation of the size parameter, which can exceed the bounds of the data buffer. ...

BIT-JRE-2024-47777 GHSL-2024-259: GStreamer has an OOB-read in gst_wavparse_smpl_chunk

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been identified in the gstwavparsesmplchunk function within gstwavparse.c. This function attempts to read 4 bytes from the data + 12 offset without checking if the size of the data buffer is...

BIT-JRE-2024-47775 GHSL-2024-261: GStreamer has an OOB-read in parse_ds64

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parseds64 function within gstwavparse.c. The parseds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multipl...

BIT-JRE-2024-47546 GHSL-2024-243: GStreamer has an integer underflow in extract_cc_from_data leading to OOB-read

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in extractccfromdata function within qtdemux.c. In the FOURCCc708 case, the subtraction atomlength - 8 may result in an underflow if atomlength is less than 8. When that subtraction...

PT-2026-38840

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been identified in the gst wavparse smpl chunk function within gstwavparse.c. This function attempts to read 4 bytes from the data + 12 offset without checking if the size of the data buffer...

PT-2026-38839

GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in gst wavparse cue chunk within gstwavparse.c. The vulnerability happens due to a discrepancy between the size of the data buffer and the size value provided to the function. This mismatc...

PT-2026-38833

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in qtdemux parse trak function within qtdemux.c. During the strf parsing case, the subtraction size -= 40 can lead to a negative integer overflow if it is less than 40. If this...

PT-2026-38832

GStreamer is a library for constructing graphs of media-handling components. The function qtdemux parse sbgp in qtdemux.c is affected by a null dereference vulnerability. This vulnerability is fixed in 1.24.10...

PT-2026-38837

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux parse theora extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended...

PT-2026-38841

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in gst wavparse adtl chunk within gstwavparse.c. This vulnerability arises due to insufficient validation of the size parameter, which can exceed the bounds of the data buffe...

PT-2026-38838

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse ds64 function within gstwavparse.c. The parse ds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing...

PT-2026-38835

GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in the qtdemux parse svq3 stsd data function within qtdemux.c. In the FOURCC SMI case, seqh size is read from the input file without proper validation. If seqh size is greater than the...

BIT-JAVA-MIN-2024-47778 GHSL-2024-258: GStreamer has an OOB-read in gst_wavparse_adtl_chunk

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in gstwavparseadtlchunk within gstwavparse.c. This vulnerability arises due to insufficient validation of the size parameter, which can exceed the bounds of the data buffer. ...

BIT-JAVA-MIN-2024-47777 GHSL-2024-259: GStreamer has an OOB-read in gst_wavparse_smpl_chunk

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been identified in the gstwavparsesmplchunk function within gstwavparse.c. This function attempts to read 4 bytes from the data + 12 offset without checking if the size of the data buffer is...

BIT-JAVA-2024-47778 GHSL-2024-258: GStreamer has an OOB-read in gst_wavparse_adtl_chunk

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in gstwavparseadtlchunk within gstwavparse.c. This vulnerability arises due to insufficient validation of the size parameter, which can exceed the bounds of the data buffer. ...

BIT-JAVA-2024-47777 GHSL-2024-259: GStreamer has an OOB-read in gst_wavparse_smpl_chunk

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been identified in the gstwavparsesmplchunk function within gstwavparse.c. This function attempts to read 4 bytes from the data + 12 offset without checking if the size of the data buffer is...

BIT-JAVA-2024-47776 GHSL-2024-260: GStreamer has a OOB-read in gst_wavparse_cue_chunk

GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in gstwavparsecuechunk within gstwavparse.c. The vulnerability happens due to a discrepancy between the size of the data buffer and the size value provided to the function. This mismatch...

BIT-JAVA-MIN-2024-47606 GHSL-2024-166: GStreamer Integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemuxparsetheoraextension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended...

BIT-JAVA-2024-47775 GHSL-2024-261: GStreamer has an OOB-read in parse_ds64

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parseds64 function within gstwavparse.c. The parseds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multipl...

BIT-JAVA-2024-47597 GHSL-2024-245: GStreamer has an OOB-read in qtdemux_parse_samples

GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been detected in the function qtdemuxparsesamples within qtdemux.c. This issue arises when the function qtdemuxparsesamples reads data beyond the boundaries of the stream-stco buffer. The following code...