Security Center

Security Contacts

Security notifications or problems should be reported in GitLab by filing an issue and marking it as confidential before submitting it.

If you have patches, please attach them to the confidential issue and not via a merge requests, as merge requests are always public immediately.

The GStreamer project encourages responsible disclosure of security issues.

Security Advisories

GStreamer-SA-2021-0005	2021-03-15 16:00
Stack overflow in gst_ffmpeg_channel_layout_to_gst() Details
GStreamer-SA-2021-0004	2021-03-15 16:00
Out-of-bounds read in realmedia demuxing Details
GStreamer-SA-2021-0003 (CVE-2021-3498)	2021-03-15 16:00
Heap corruption in matroska demuxing Details
GStreamer-SA-2021-0002 (CVE-2021-3497)	2021-03-15 16:00
Use-after-free in matroska demuxing Details
GStreamer-SA-2021-0001 (CVE-2021-3522)	2021-03-15 16:00
Out-of-bounds read in ID3v2 tag parsing Details
GStreamer-SA-2019-0001 (CVE-2019-9928)	2019-04-22 00:30
Buffer overflow in RTSP parsing Details
GStreamer-SA-2016-0002 (CVE-2016-9634) (CVE-2016-9635) (CVE-2016-9636) (CVE-2016-9807)	2016-11-23 03:00
Multiple Issues in FLC/FLI/FLX Decoder Details
GStreamer-SA-2016-0001 (CVE-2016-9445) (CVE-2016-9446)	2016-11-17 16:00
Multiple Issues in VMNC decoder Details