GStreamer
open source multimedia framework
Home
Features
News
Annual Conference
Planet (Blogs)
Download
Applications
Security Center
GitLab
Developers
Documentation
Forum
File a Bug
Artwork
@gstreamer on Twitter
@gstreamer on Mastodon
#gstreamer on Matrix

Security Center

Security Contacts

Security notifications or problems should be reported in GitLab by filing an issue and marking it as confidential before submitting it (if you follow the link on the left the confidential checkbox should already be ticked).

If you have patches, please attach them to the confidential issue and not via a merge requests, as merge requests are always public immediately.

The GStreamer project encourages responsible disclosure of security issues.

Security Advisories

GStreamer-SA-2024-0001 (ZDI-CAN-22873) (CVE-2024-0444)

2024-01-24 20:00
AV1 codec parser potential buffer overflow during tile list parsing Details

GStreamer-SA-2023-0011 (ZDI-CAN-22300)

2023-12-18 14:00
AV1 codec parser buffer overflow Details

GStreamer-SA-2023-0010 (ZDI-CAN-22299) (CVE-2023-44446)

2023-11-13 12:00
MXF demuxer use-after-free Details

GStreamer-SA-2023-0009 (ZDI-CAN-22226) (CVE-2023-44429)

2023-11-13 12:00
AV1 codec parser buffer overflow Details

GStreamer-SA-2023-0008 (ZDI-CAN-21768) (CVE-2023-40476)

2023-09-20 20:00
Integer overflow in H.265 video parser leading to stack overwrite Details

GStreamer-SA-2023-0007 (ZDI-CAN-21661) (CVE-2023-40475)

2023-09-20 20:00
Integer overflow leading to heap overwrite in MXF file handling with AES3 audio Details

GStreamer-SA-2023-0006 (ZDI-CAN-21660) (CVE-2023-40474)

2023-09-20 20:00
Integer overflow leading to heap overwrite in MXF file handling with uncompressed video Details

GStreamer-SA-2023-0005 (ZDI-CAN-21444)

2023-07-20 14:00
Integer overflow leading to heap overwrite in RealMedia file handling Details

GStreamer-SA-2023-0004 (ZDI-CAN-21443)

2023-07-20 14:00
Integer overflow leading to heap overwrite in RealMedia file handling Details

GStreamer-SA-2023-0003 (ZDI-CAN-20994) (CVE-2023-37329)

2023-06-20 18:00
Heap overwrite in PGS subtitle overlay decoder Details

GStreamer-SA-2023-0002 (ZDI-CAN-20968) (CVE-2023-37328)

2023-06-20 18:00
Heap overwrite in subtitle parsing Details

GStreamer-SA-2023-0001 (ZDI-CAN-20775) (CVE-2023-37327)

2023-06-20 18:00
Integer overflow leading to heap overwrite in FLAC image tag handling Details

GStreamer-SA-2022-0004 (CVE-2022-1920)

2022-06-15 23:00
Potential heap overwrite in gst_matroska_demux_add_wvpk_header Details

GStreamer-SA-2022-0003 (CVE-2022-2122)

2022-06-15 23:00
Potential heap overwrite in mp4 demuxing using zlib decompression Details

GStreamer-SA-2022-0002 (CVE-2022-1922) (CVE-2022-1923) (CVE-2022-1924) (CVE-2022-1925)

2022-06-15 23:00
Potential heap overwrite in mkv demuxing using zlib/bz2/lzo decompression Details

GStreamer-SA-2022-0001 (CVE-2022-1921)

2022-06-15 23:00
Heap overwrite in avi demuxing Details

GStreamer-SA-2021-0005

2021-03-15 16:00
Stack overflow in gst_ffmpeg_channel_layout_to_gst() Details

GStreamer-SA-2021-0004

2021-03-15 16:00
Out-of-bounds read in realmedia demuxing Details

GStreamer-SA-2021-0003 (CVE-2021-3498)

2021-03-15 16:00
Heap corruption in matroska demuxing Details

GStreamer-SA-2021-0002 (CVE-2021-3497)

2021-03-15 16:00
Use-after-free in matroska demuxing Details

GStreamer-SA-2021-0001 (CVE-2021-3522)

2021-03-15 16:00
Out-of-bounds read in ID3v2 tag parsing Details

GStreamer-SA-2019-0001 (CVE-2019-9928)

2019-04-22 00:30
Buffer overflow in RTSP parsing Details

GStreamer-SA-2016-0002 (CVE-2016-9634) (CVE-2016-9635) (CVE-2016-9636) (CVE-2016-9807)

2016-11-23 03:00
Multiple Issues in FLC/FLI/FLX Decoder Details

GStreamer-SA-2016-0001 (CVE-2016-9445) (CVE-2016-9446)

2016-11-17 16:00
Multiple Issues in VMNC decoder Details


Report a problem on this page.