Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

GStreamer — Vulnerabilities & Security Advisories 56

Browse all 56 CVE security advisories affecting GStreamer. AI-powered Chinese analysis, POCs, and references for each vulnerability.

GStreamer is an open-source multimedia framework primarily used for constructing graphs of media-handling components, ranging from simple audio playback to complex video editing and streaming applications. Its widespread adoption in Linux-based systems and embedded devices makes it a critical infrastructure component for media processing. Historically, the framework has been susceptible to a variety of vulnerability classes, including buffer overflows, use-after-free errors, and integer overflows, which frequently lead to remote code execution or denial-of-service conditions. With 56 recorded CVEs, these flaws often stem from parsing complex media formats or handling untrusted input data. While no single catastrophic incident has defined its security history, the high volume of vulnerabilities highlights the challenges of maintaining robust memory safety in a C-based codebase. Developers must apply patches diligently to mitigate risks associated with processing maliciously crafted media files.

Top products by GStreamer: GStreamer ORC
CVE IDTitleCVSSSeverityPublished
CVE-2024-47597 GHSL-2024-245: GStreamer has an OOB-read in qtdemux_parse_samples — gstreamerCWE-125 5.5 -2024-12-11
CVE-2024-47596 GHSL-2024-244: GStreamer has an OOB-read in FOURCC_SMI_ parsing — gstreamerCWE-125 7.8 -2024-12-11
CVE-2024-47546 GHSL-2024-243: GStreamer has an integer underflow in extract_cc_from_data leading to OOB-read — gstreamerCWE-191 6.1 -2024-12-11
CVE-2024-47545 GHSL-2024-242: GStreamer has an integer underflow in FOURCC_strf parsing leading to OOB-read — gstreamerCWE-191 7.1 -2024-12-11
CVE-2024-47544 GHSL-2024-238: GStreamer has NULL-pointer dereferences in MP4/MOV demuxer CENC handling — gstreamerCWE-476 5.5 -2024-12-11
CVE-2024-47543 GHSL-2024-236: GStreamer has an OOB-read in qtdemux_parse_container — gstreamerCWE-125 7.1 -2024-12-11
CVE-2024-47542 GHSL-2024-235: GStreamer ID3v2 parser out-of-bounds read and NULL-pointer dereference — gstreamerCWE-476 5.5 -2024-12-11
CVE-2024-47541 GHSL-2024-228: GStreamer has an out-of-bounds write in SSA subtitle parser — gstreamerCWE-787 7.1 -2024-12-11
CVE-2024-47540 GHSL-2024-197: GStreamer uses uninitialized stack memory in Matroska/WebM demuxer — gstreamerCWE-457 7.8 -2024-12-11
CVE-2024-47539 GHSL-2024-195: GStreamer has an OOB-write in convert_to_s334_1a — gstreamerCWE-787 7.8 -2024-12-11
CVE-2024-47538 GHSL-2024-115: GStreamer has a stack-buffer overflow in vorbis_handle_identification_packet — gstreamerCWE-121 7.8 -2024-12-11
CVE-2024-47537 GHSL-2024-094: GStreamer has an OOB-write in isomp4/qtdemux.c — gstreamerCWE-787 5.5 -2024-12-11
CVE-2024-40897 ORC 安全漏洞 — ORC 8.6 -2024-07-26
CVE-2024-0444 GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability — GStreamerCWE-121 7.8 -2024-06-07
CVE-2024-4453 GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability — GStreamerCWE-190 7.8AIHighAI2024-05-22
CVE-2023-50186 GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability — GStreamerCWE-121 7.8 -2024-05-03
CVE-2023-44446 GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability — GStreamerCWE-416 7.8 -2024-05-03
CVE-2023-44429 GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability — GStreamerCWE-122 7.8 -2024-05-03
CVE-2023-40476 GStreamer H265 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability — GStreamerCWE-121 7.8 -2024-05-03
CVE-2023-40475 GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability — GStreamerCWE-190 7.8 -2024-05-03
CVE-2023-40474 GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability — GStreamerCWE-190 7.8 -2024-05-03
CVE-2023-38104 GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability — GStreamerCWE-190 7.8 -2024-05-03
CVE-2023-38103 GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability — GStreamerCWE-190 7.8 -2024-05-03
CVE-2023-37329 GStreamer SRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability — GStreamerCWE-122 7.8 -2024-05-03
CVE-2023-37328 GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability — GStreamerCWE-122 7.8 -2024-05-03
CVE-2023-37327 GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability — GStreamerCWE-190 7.8 -2024-05-03

This page lists every published CVE security advisory associated with GStreamer. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.