Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

gstreamer — Vulnerabilities & Security Advisories 65

All 65 CVE vulnerabilities found in gstreamer, with AI-generated Chinese analysis, references, and POCs.

This page provides a comprehensive aggregation of Common Weakness Enumeration (CWE) entries associated with GStreamer, the multimedia framework developed by Freedesktop.org and the broader open-source community. It collects data related to various vulnerability types, including buffer overflows, use-after-free errors, race conditions, and input validation flaws that affect the pipeline processing and plugin architectures of the software. The database covers historical records spanning from early releases up to the most recent updates, ensuring a complete view of the security landscape over time. Here, users can track vendor-specific advisories to understand how security issues are disclosed and patched by upstream maintainers and distribution packages. It also allows for a deeper understanding of specific weakness classes by analyzing how abstract CWE definitions manifest in the context of media parsing and decoding operations. Furthermore, the page serves as a historical reference for developers and security auditors looking to review the vulnerability history of GStreamer components, helping to identify trends in defect introduction and remediation. This resource is designed to support proactive security hygiene and informed decision-making during software integration and testing phases without relying on specific CVE identifiers for every entry.

Vendor: n/a

CVE IDTitleCVSSSeverityPublished
CVE-2026-3084 GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability CWE-191 8.4 -2026-03-13
CVE-2026-2921 GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability CWE-190 7.8 -2026-03-13
CVE-2026-3083 GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability CWE-129 9.8 -2026-03-13
CVE-2026-3086 GStreamer H.266 Codec Parser Out-Of-Bounds Write Remote Code Execution Vulnerability CWE-787 8.4 -2026-03-13
CVE-2026-3085 GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability CWE-122 9.8 -2026-03-13
CVE-2026-3082 GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability CWE-122 8.8 -2026-03-13
CVE-2026-3081 GStreamer H.266 Codec Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability CWE-121 8.4 -2026-03-13
CVE-2026-2923 GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability CWE-787 8.4 -2026-03-13
CVE-2026-2922 GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability CWE-787 8.4 -2026-03-13
CVE-2026-2920 GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability CWE-122 7.8 -2026-03-13
CVE-2025-6663 GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability CWE-121 9.8 -2025-07-07
CVE-2025-2759 GStreamer Incorrect Permission Assignment Local Privilege Escalation Vulnerability CWE-732 7.8AIHighAI2025-05-22
CVE-2025-3887 GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability CWE-121 9.8AICriticalAI2025-05-22
CVE-2024-47834 GHSL-2024-280: Gstreamer Use-After-Free read in Matroska CodecPrivate CWE-416 7.7 -2024-12-11
CVE-2024-47835 GHSL-2024-263: Gstreamer NULL-pointer dereference in LRC subtitle parser CWE-476 5.5 -2024-12-11
CVE-2024-47778 GHSL-2024-258: GStreamer has an OOB-read in gst_wavparse_adtl_chunk CWE-125 8.1 -2024-12-11
CVE-2024-47777 GHSL-2024-259: GStreamer has an OOB-read in gst_wavparse_smpl_chunk CWE-125 5.5 -2024-12-11
CVE-2024-47776 GHSL-2024-260: GStreamer has a OOB-read in gst_wavparse_cue_chunk CWE-125 7.1 -2024-12-11
CVE-2024-47775 GHSL-2024-261: GStreamer has an OOB-read in parse_ds64 CWE-125 7.1 -2024-12-11
CVE-2024-47774 GHSL-2024-262: GStreamer has an OOB-read in gst_avi_subtitle_parse_gab2_chunk CWE-125 7.1 -2024-12-11
CVE-2024-47613 GHSL-2024-118: GStreamer has a null pointer dereference in gst_gdk_pixbuf_dec_flush CWE-476 7.1 -2024-12-11
CVE-2024-47615 GHSL-2024-117: GStreamer has an out-of-bounds write in Ogg demuxer CWE-787 7.1 -2024-12-11
CVE-2024-47607 GHSL-2024-116: Stack-buffer overflow in gst_opus_dec_parse_header CWE-121 7.8 -2024-12-11
CVE-2024-47606 GHSL-2024-166: GStreamer Integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes CWE-190 8.4 -2024-12-11
CVE-2024-47603 GHSL-2024-251: GStreamer NULL-pointer dereference in Matroska/WebM demuxer CWE-476 5.5 -2024-12-11
CVE-2024-47602 GHSL-2024-250: Streamer NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer CWE-476 5.5 -2024-12-11
CVE-2024-47601 GHSL-2024-249: GStreamer has a NULL-pointer dereference in Matroska/WebM demuxer CWE-476 5.5 -2024-12-11
CVE-2024-47600 GHSL-2024-248: GStreamer has an OOB-read in format_channel_mask CWE-125 7.1 -2024-12-11
CVE-2024-47599 GHSL-2024-247: GStreamer Insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences CWE-476 5.5 -2024-12-11
CVE-2024-47598 GHSL-2024-246: GStreamer has an OOB-read in qtdemux_merge_sample_table CWE-125 5.5 -2024-12-11

All 65 known CVE vulnerabilities affecting gstreamer with full Chinese analysis, references, and POCs where available.