Known Vulnerabilities for Gstreamer by Gstreamer Project
Listed below are 10 of the newest known vulnerabilities associated with "Gstreamer" by "Gstreamer Project".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-2921 | GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to ex... | Not Provided | 2026-03-16 | 2026-03-29 |
| CVE-2021-3522 | GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags. | 5.5 - MEDIUM | 2021-06-02 | 2022-09-28 |
| CVE-2021-3498 | GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files. | 7.8 - HIGH | 2021-04-19 | 2022-10-24 |
| CVE-2021-3497 | GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files. | 7.8 - HIGH | 2021-04-19 | 2022-09-28 |
| CVE-2019-9928 | GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, ... | 8.8 - HIGH | 2019-04-24 | 2020-08-24 |
| CVE-2017-5842 | The html_context_handle_element function in gst/subparse/samiparse.c in gst-plugins-base in GStreamer before 1.10.3 allows re... | 5.5 - MEDIUM | 2017-02-09 | 2018-01-05 |
| CVE-2017-5841 | The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote a... | 7.5 - HIGH | 2017-02-09 | 2018-01-05 |
| CVE-2017-5840 | The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attac... | 7.5 - HIGH | 2017-02-09 | 2020-05-30 |
| CVE-2017-5839 | The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does... | 7.5 - HIGH | 2017-02-09 | 2019-10-03 |
| CVE-2017-5838 | The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to... | 7.5 - HIGH | 2017-02-09 | 2018-01-05 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Gstreamer Project | Gstreamer | 1.9.90 | All | All | All |
| Application | Gstreamer Project | Gstreamer | 1.9.2 | All | All | All |
| Application | Gstreamer Project | Gstreamer | 1.9.1 | All | All | All |
| Application | Gstreamer Project | Gstreamer | 1.8.3 | All | All | All |
| Application | Gstreamer Project | Gstreamer | 1.8.2 | All | All | All |
| Application | Gstreamer Project | Gstreamer | 1.8.1 | All | All | All |
| Application | Gstreamer Project | Gstreamer | 1.8.0 | All | All | All |
| Application | Gstreamer Project | Gstreamer | 1.7.91 | All | All | All |
| Application | Gstreamer Project | Gstreamer | 1.7.90 | All | All | All |
| Application | Gstreamer Project | Gstreamer | 1.7.2 | All | All | All |
| Application | Gstreamer Project | Gstreamer | 1.7.1 | All | All | All |
| Application | Gstreamer Project | Gstreamer | 1.6.4 | All | All | All |
| Application | Gstreamer Project | Gstreamer | 1.6.3 | All | All | All |
| Application | Gstreamer Project | Gstreamer | 1.6.2 | All | All | All |
| Application | Gstreamer Project | Gstreamer | 1.6.1 | All | All | All |
| Application | Gstreamer Project | Gstreamer | 1.6.0 | All | All | All |
| Application | Gstreamer Project | Gstreamer | 1.5.91 | All | All | All |
| Application | Gstreamer Project | Gstreamer | 1.5.90 | All | All | All |
| Application | Gstreamer Project | Gstreamer | 1.5.2 | All | All | All |
| Application | Gstreamer Project | Gstreamer | 1.5.1 | All | All | All |