Gstreamer Gstreamerproject Gstreamer

Do you want an email whenever new security vulnerabilities are reported in Gstreamerproject Gstreamer?

By the Year

In 2021 there have been 3 vulnerabilities in Gstreamerproject Gstreamer with an average score of 7.0 out of ten. Gstreamer did not have any published security vulnerabilities last year. That is, 3 more vulnerabilities have already been reported in 2021 as compared to last year.

Year Vulnerabilities Average Score
2021 3 7.03
2020 0 0.00
2019 1 8.80
2018 0 0.00

It may take a day or so for new Gstreamer vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Gstreamerproject Gstreamer Security Vulnerabilities

GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.

CVE-2021-3522 5.5 - Medium - June 02, 2021

GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.

Out-of-bounds Read

GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files.

CVE-2021-3497 7.8 - High - April 19, 2021

GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files.

Dangling pointer

GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files.

CVE-2021-3498 7.8 - High - April 19, 2021

GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files.

Buffer Overflow

GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially

CVE-2019-9928 8.8 - High - April 24, 2019

GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution.

Memory Corruption

The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3

CVE-2017-5840 7.5 - High - February 09, 2017

The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving the current stts index.

Out-of-bounds Read

The gst_asf_demux_process_ext_stream_props function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer before 1.10.3

CVE-2017-5846 5.5 - Medium - February 09, 2017

The gst_asf_demux_process_ext_stream_props function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors related to the number of languages in a video file.

Out-of-bounds Read

The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer

CVE-2017-5847 7.5 - High - February 09, 2017

The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving extended content descriptors.

Out-of-bounds Read

The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3

CVE-2016-10198 5.5 - Medium - February 09, 2017

The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted audio file.

Out-of-bounds Read

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Gstreamerproject Gstreamer or by Gstreamerproject? Click the Watch button to subscribe.

subscribe