CVE-2025-47219

High CVSS: 8.1

In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_trak function may read past the end of a heap buffer while parsing an MP4 file, possibly leading to information disclosure.

Vendor

Gstreamer

Product

Gstreamer

CWE

CWE-125

Yayın Tarihi

2025-08-07 20:15:27

Güncelleme

2026-03-17 15:52:33

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-125 Gstreamer HIGH Gstreamer 2025

Referanslar

https://github.com/atredispartners/advisories/blob/master/2025/ATREDIS-2025-0003.md https://gstreamer.freedesktop.org/security/

Benzer Kayıtlar

High

CVE-2026-3081

GStreamer H.266 Codec Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows…

High

CVE-2026-3082

GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote a…

High

CVE-2026-3083

GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attacke…

High

CVE-2026-3084

GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote att…

High

CVE-2026-3085

GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote…

High

CVE-2026-3086

GStreamer H.266 Codec Parser Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote a…