CVE-2025-47183

Medium CVSS: 6.6

In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_tree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure.

Vendor

Gstreamer

Product

Gstreamer

CWE

CWE-125

Yayın Tarihi

2025-08-07 20:15:27

Güncelleme

2026-03-17 15:52:33

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-125 Gstreamer MEDIUM Gstreamer 2025

Referanslar

https://github.com/atredispartners/advisories/blob/master/2025/ATREDIS-2025-0003.md https://gstreamer.freedesktop.org/security/ https://github.com/atredispartners/advisories/blob/master/2025/ATREDIS-2025-0003.md

Benzer Kayıtlar

High

CVE-2026-3081

GStreamer H.266 Codec Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows…

High

CVE-2026-3082

GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote a…

High

CVE-2026-3083

GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attacke…

High

CVE-2026-3084

GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote att…

High

CVE-2026-3085

GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote…

High

CVE-2026-3086

GStreamer H.266 Codec Parser Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote a…