CNNVD-202508-708 Information

CNNVD ID

CNNVD-202508-708

Related CVE

CVE-2025-47183

• CNNVD Published: 2025-08-07

Description (Chinese)

GStreamer是GStreamer开源的一套用于处理流媒体的框架。 GStreamer 1.26.1及之前版本存在安全漏洞，该漏洞源于qtdemux_parse_tree函数存在越界读取，可能导致信息泄露。

Description (English)

GStreamer is an open-source framework for processing streaming media. There is a security loophole in GStreamer 1.26.1 and earlier versions, which stems from the presence of the qtdemux parse tree function across borders, which may lead to the disclosure of information.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

GStreamer

Published

2025-08-07

Last Modified

2026-02-24

References

https://gstreamer.freedesktop.org/security/ https://github.com/atredispartners/advisories/blob/master/2025/ATREDIS-2025-0003.md https://vigilance.fr/vulnerability/Gstreamer-out-of-bounds-memory-reading-via-MOV-MP4-Demuxer-47489

Patch

https://gstreamer.freedesktop.org/