Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

gstreamer — Vulnerabilities & Security Advisories 56

Browse all 56 CVE security advisories affecting gstreamer. AI-powered Chinese analysis, POCs, and references for each vulnerability.

GStreamer is an open-source multimedia framework primarily used for constructing graphs of media-handling components, ranging from simple audio playback to complex video editing and streaming applications. Its widespread adoption in Linux-based systems and embedded devices makes it a critical infrastructure component for media processing. Historically, the framework has been susceptible to a variety of vulnerability classes, including buffer overflows, use-after-free errors, and integer overflows, which frequently lead to remote code execution or denial-of-service conditions. With 56 recorded CVEs, these flaws often stem from parsing complex media formats or handling untrusted input data. While no single catastrophic incident has defined its security history, the high volume of vulnerabilities highlights the challenges of maintaining robust memory safety in a C-based codebase. Developers must apply patches diligently to mitigate risks associated with processing maliciously crafted media files.

Top products by gstreamer: GStreamer ORC
CVE IDTitleCVSSSeverityPublished
CVE-2026-3084 GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability — GStreamerCWE-191 8.4 -2026-03-13
CVE-2026-2921 GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability — GStreamerCWE-190 7.8 -2026-03-13
CVE-2026-3083 GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability — GStreamerCWE-129 9.8 -2026-03-13
CVE-2026-3086 GStreamer H.266 Codec Parser Out-Of-Bounds Write Remote Code Execution Vulnerability — GStreamerCWE-787 8.4 -2026-03-13
CVE-2026-3085 GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability — GStreamerCWE-122 9.8 -2026-03-13
CVE-2026-3082 GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability — GStreamerCWE-122 8.8 -2026-03-13
CVE-2026-3081 GStreamer H.266 Codec Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability — GStreamerCWE-121 8.4 -2026-03-13
CVE-2026-2923 GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability — GStreamerCWE-787 8.4 -2026-03-13
CVE-2026-2922 GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability — GStreamerCWE-787 8.4 -2026-03-13
CVE-2026-2920 GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability — GStreamerCWE-122 7.8 -2026-03-13
CVE-2025-6663 GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability — GStreamerCWE-121 9.8 -2025-07-07
CVE-2025-2759 GStreamer Incorrect Permission Assignment Local Privilege Escalation Vulnerability — GStreamerCWE-732 7.8AIHighAI2025-05-22
CVE-2025-3887 GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability — GStreamerCWE-121 9.8AICriticalAI2025-05-22
CVE-2024-47834 GHSL-2024-280: Gstreamer Use-After-Free read in Matroska CodecPrivate — gstreamerCWE-416 7.7 -2024-12-11
CVE-2024-47835 GHSL-2024-263: Gstreamer NULL-pointer dereference in LRC subtitle parser — gstreamerCWE-476 5.5 -2024-12-11
CVE-2024-47778 GHSL-2024-258: GStreamer has an OOB-read in gst_wavparse_adtl_chunk — gstreamerCWE-125 8.1 -2024-12-11
CVE-2024-47777 GHSL-2024-259: GStreamer has an OOB-read in gst_wavparse_smpl_chunk — gstreamerCWE-125 5.5 -2024-12-11
CVE-2024-47776 GHSL-2024-260: GStreamer has a OOB-read in gst_wavparse_cue_chunk — gstreamerCWE-125 7.1 -2024-12-11
CVE-2024-47775 GHSL-2024-261: GStreamer has an OOB-read in parse_ds64 — gstreamerCWE-125 7.1 -2024-12-11
CVE-2024-47774 GHSL-2024-262: GStreamer has an OOB-read in gst_avi_subtitle_parse_gab2_chunk — gstreamerCWE-125 7.1 -2024-12-11
CVE-2024-47613 GHSL-2024-118: GStreamer has a null pointer dereference in gst_gdk_pixbuf_dec_flush — gstreamerCWE-476 7.1 -2024-12-11
CVE-2024-47615 GHSL-2024-117: GStreamer has an out-of-bounds write in Ogg demuxer — gstreamerCWE-787 7.1 -2024-12-11
CVE-2024-47607 GHSL-2024-116: Stack-buffer overflow in gst_opus_dec_parse_header — gstreamerCWE-121 7.8 -2024-12-11
CVE-2024-47606 GHSL-2024-166: GStreamer Integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes — gstreamerCWE-190 8.4 -2024-12-11
CVE-2024-47603 GHSL-2024-251: GStreamer NULL-pointer dereference in Matroska/WebM demuxer — gstreamerCWE-476 5.5 -2024-12-11
CVE-2024-47602 GHSL-2024-250: Streamer NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer — gstreamerCWE-476 5.5 -2024-12-11
CVE-2024-47601 GHSL-2024-249: GStreamer has a NULL-pointer dereference in Matroska/WebM demuxer — gstreamerCWE-476 5.5 -2024-12-11
CVE-2024-47600 GHSL-2024-248: GStreamer has an OOB-read in format_channel_mask — gstreamerCWE-125 7.1 -2024-12-11
CVE-2024-47599 GHSL-2024-247: GStreamer Insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences — gstreamerCWE-476 5.5 -2024-12-11
CVE-2024-47598 GHSL-2024-246: GStreamer has an OOB-read in qtdemux_merge_sample_table — gstreamerCWE-125 5.5 -2024-12-11

This page lists every published CVE security advisory associated with gstreamer. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.