Known Vulnerabilities for products from Gstreamer Project
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Gstreamer Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-3522 | GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags. | 5.5 - MEDIUM | 2021-06-02 | 2022-09-28 |
| CVE-2021-3498 | GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files. | 7.8 - HIGH | 2021-04-19 | 2022-10-24 |
| CVE-2021-3497 | GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files. | 7.8 - HIGH | 2021-04-19 | 2022-09-28 |
| CVE-2020-6095 | An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A... | 7.5 - HIGH | 2020-03-27 | 2022-05-12 |
| CVE-2019-9928 | GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, ... | 8.8 - HIGH | 2019-04-24 | 2020-08-24 |
| CVE-2017-5848 | The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers t... | 7.5 - HIGH | 2017-02-09 | 2020-11-20 |
| CVE-2017-5847 | The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows rem... | 7.5 - HIGH | 2017-02-09 | 2020-11-20 |
| CVE-2017-5846 | The gst_asf_demux_process_ext_stream_props function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer before 1.1... | 5.5 - MEDIUM | 2017-02-09 | 2020-05-30 |
| CVE-2017-5845 | The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote a... | 7.5 - HIGH | 2017-02-09 | 2018-01-05 |
| CVE-2017-5844 | The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allo... | 5.5 - MEDIUM | 2017-02-09 | 2019-10-03 |
| CVE-2017-5843 | Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_updat... | 7.5 - HIGH | 2017-02-09 | 2018-01-05 |
| CVE-2017-5842 | The html_context_handle_element function in gst/subparse/samiparse.c in gst-plugins-base in GStreamer before 1.10.3 allows re... | 5.5 - MEDIUM | 2017-02-09 | 2018-01-05 |
| CVE-2017-5841 | The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote a... | 7.5 - HIGH | 2017-02-09 | 2018-01-05 |
| CVE-2017-5840 | The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attac... | 7.5 - HIGH | 2017-02-09 | 2020-05-30 |
| CVE-2017-5839 | The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does... | 7.5 - HIGH | 2017-02-09 | 2019-10-03 |
| CVE-2017-5838 | The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to... | 7.5 - HIGH | 2017-02-09 | 2018-01-05 |
| CVE-2017-5837 | The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allo... | 5.5 - MEDIUM | 2017-02-09 | 2019-10-03 |
| CVE-2016-10199 | The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote at... | 7.5 - HIGH | 2017-02-09 | 2018-01-05 |
| CVE-2016-10198 | The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allo... | 5.5 - MEDIUM | 2017-02-09 | 2020-05-30 |
| CVE-2016-9447 | The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of service (out-of-bounds re... | 7.8 - HIGH | 2017-01-23 | 2023-11-07 |
Known software with vulnerabilities from Gstreamer Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Gstreamer Project | Gstreamer | 0.10.0 |
| Application | Gstreamer Project | Gstreamer Plugin | 1.6.0 |
| Application | Gstreamer Project | Gst-rtsp-server | 1.14.5 |