Gstreamerproject Gstreamer
By the Year
In 2021 there have been 3 vulnerabilities in Gstreamerproject Gstreamer with an average score of 7.0 out of ten. Gstreamer did not have any published security vulnerabilities last year. That is, 3 more vulnerabilities have already been reported in 2021 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2021 | 3 | 7.03 |
| 2020 | 0 | 0.00 |
| 2019 | 1 | 8.80 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Gstreamer vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Gstreamerproject Gstreamer Security Vulnerabilities
GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.
CVE-2021-3522
5.5 - Medium
- June 02, 2021
GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.
Out-of-bounds Read
GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files.
CVE-2021-3497
7.8 - High
- April 19, 2021
GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files.
Dangling pointer
GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files.
CVE-2021-3498
7.8 - High
- April 19, 2021
GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files.
Buffer Overflow
GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially
CVE-2019-9928
8.8 - High
- April 24, 2019
GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution.
Memory Corruption
The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3
CVE-2017-5840
7.5 - High
- February 09, 2017
The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving the current stts index.
Out-of-bounds Read
The gst_asf_demux_process_ext_stream_props function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer before 1.10.3
CVE-2017-5846
5.5 - Medium
- February 09, 2017
The gst_asf_demux_process_ext_stream_props function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors related to the number of languages in a video file.
Out-of-bounds Read
The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer
CVE-2017-5847
7.5 - High
- February 09, 2017
The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving extended content descriptors.
Out-of-bounds Read
The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3
CVE-2016-10198
5.5 - Medium
- February 09, 2017
The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted audio file.
Out-of-bounds Read
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Gstreamerproject Gstreamer or by Gstreamerproject? Click the Watch button to subscribe.
