Known Vulnerabilities for products from Gstreamer Project
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Gstreamer Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-2122 json | DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate fu... | 7.8 - HIGH | 2022-07-19 | 2022-10-07 |
| CVE-2022-1925 json | DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in ... | 7.8 - HIGH | 2022-07-19 | 2023-06-27 |
| CVE-2022-1924 json | DOS / potential heap overwrite in mkv demuxing using lzo decompression. Integer overflow in matroskademux element in lzo deco... | 7.8 - HIGH | 2022-07-19 | 2023-06-27 |
| CVE-2022-1923 json | DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip de... | 7.8 - HIGH | 2022-07-19 | 2023-06-27 |
| CVE-2022-1922 json | DOS / potential heap overwrite in mkv demuxing using zlib decompression. Integer overflow in matroskademux element in gst_mat... | 7.8 - HIGH | 2022-07-19 | 2023-06-27 |
| CVE-2022-1921 json | Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. ... | 7.8 - HIGH | 2022-07-19 | 2022-11-07 |
| CVE-2022-1920 json | Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while ... | 7.8 - HIGH | 2022-07-19 | 2022-10-07 |
| CVE-2021-3522 json | GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags. | 5.5 - MEDIUM | 2021-06-02 | 2022-09-28 |
| CVE-2021-3498 json | GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files. | 7.8 - HIGH | 2021-04-19 | 2022-10-24 |
| CVE-2021-3497 json | GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files. | 7.8 - HIGH | 2021-04-19 | 2022-09-28 |
| CVE-2020-6095 json | An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A... | 7.5 - HIGH | 2020-03-27 | 2022-05-12 |
| CVE-2019-9928 json | GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, ... | 8.8 - HIGH | 2019-04-24 | 2020-08-24 |
| CVE-2017-5848 json | The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers t... | 7.5 - HIGH | 2017-02-09 | 2020-11-20 |
| CVE-2017-5847 json | The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows rem... | 7.5 - HIGH | 2017-02-09 | 2020-11-20 |
| CVE-2017-5846 json | The gst_asf_demux_process_ext_stream_props function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer before 1.1... | 5.5 - MEDIUM | 2017-02-09 | 2020-05-30 |
| CVE-2017-5845 json | The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote a... | 7.5 - HIGH | 2017-02-09 | 2018-01-05 |
| CVE-2017-5844 json | The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allo... | 5.5 - MEDIUM | 2017-02-09 | 2019-10-03 |
| CVE-2017-5843 json | Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_updat... | 7.5 - HIGH | 2017-02-09 | 2018-01-05 |
| CVE-2017-5842 json | The html_context_handle_element function in gst/subparse/samiparse.c in gst-plugins-base in GStreamer before 1.10.3 allows re... | 5.5 - MEDIUM | 2017-02-09 | 2018-01-05 |
| CVE-2017-5841 json | The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote a... | 7.5 - HIGH | 2017-02-09 | 2018-01-05 |
Known software with vulnerabilities from Gstreamer Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Gstreamer Project | Gst-rtsp-server | 1.14.5 |
| Application | Gstreamer Project | Gstreamer | 0.10.0 |
| Application | Gstreamer Project | Gstreamer Plugin | 1.10.0 |