Known Vulnerabilities for products from GStreamer
Listed below are 17 of the newest known vulnerabilities associated with the vendor "GStreamer".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-2921 | GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to ex... | Not Provided | 2026-03-16 | 2026-03-29 |
| CVE-2025-68175 | Not Provided | 2025-12-16 | 2026-04-02 | |
| CVE-2016-9813 | The _parse_pat function in the mpegts parser in GStreamer before 1.10.2 allows remote attackers to cause a denial of service ... | 5.5 - MEDIUM | 2017-01-13 | 2018-01-05 |
| CVE-2016-9812 | The gst_mpegts_section_new function in the mpegts decoder in GStreamer before 1.10.2 allows remote attackers to cause a denia... | 7.5 - HIGH | 2017-01-13 | 2018-01-05 |
| CVE-2016-9811 | The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allo... | 4.7 - MEDIUM | 2017-01-13 | 2023-11-07 |
| CVE-2016-9810 | The gst_decode_chain_free_internal function in the flxdex decoder in gst-plugins-good in GStreamer before 1.10.2 allows remot... | 5.5 - MEDIUM | 2017-01-13 | 2018-01-05 |
| CVE-2016-9809 | Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecifi... | 7.8 - HIGH | 2017-01-13 | 2018-01-05 |
| CVE-2016-9808 | The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds write and cra... | 7.5 - HIGH | 2017-01-13 | 2018-01-05 |
| CVE-2016-9807 | The flx_decode_chunks function in gst/flx/gstflxdec.c in GStreamer before 1.10.2 allows remote attackers to cause a denial of... | 5.5 - MEDIUM | 2017-01-13 | 2018-01-05 |
| CVE-2016-9636 | Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer befor... | 9.8 - CRITICAL | 2017-01-27 | 2018-01-05 |
| CVE-2016-9635 | Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer befor... | 9.8 - CRITICAL | 2017-01-27 | 2018-01-05 |
| CVE-2016-9634 | Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer befor... | 9.8 - CRITICAL | 2017-01-27 | 2018-01-05 |
| CVE-2009-1932 | Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/li... | 6.8 - MEDIUM | 2009-06-04 | 2017-09-29 |
| CVE-2009-0586 | Integer overflow in the gst_vorbis_tag_add_coverart function (gst-libs/gst/tag/gstvorbistag.c) in vorbistag in gst-plugins-ba... | 7.5 - HIGH | 2009-03-14 | 2023-02-13 |
| CVE-2009-0398 | Array index error in the gst_qtp_trak_handler function in gst/qtdemux/qtdemux.c in GStreamer Plug-ins (aka gstreamer-plugins)... | 9.3 - HIGH | 2009-02-03 | 2017-09-29 |
| CVE-2009-0397 | Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst... | 9.3 - HIGH | 2009-02-03 | 2018-10-11 |
| CVE-2009-0387 | Array index error in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-... | 9.3 - HIGH | 2009-02-02 | 2018-10-11 |
| CVE-2009-0386 | Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst... | 9.3 - HIGH | 2009-02-02 | 2018-10-11 |