CNNVD-202508-709 Information

CNNVD ID

CNNVD-202508-709

Related CVE

CVE-2025-47219

• CNNVD Published: 2025-08-07

Description (Chinese)

GStreamer是GStreamer开源的一套用于处理流媒体的框架。 GStreamer 1.26.1及之前版本存在安全漏洞，该漏洞源于qtdemux_parse_trak函数存在越界读取，可能导致信息泄露。

Description (English)

GStreamer is an open-source framework for processing streaming media. There is a security loophole in GStreamer 1.26.1 and earlier versions, which stems from the presence of the qtdemux parse trak function, which can lead to the disclosure of information.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

GStreamer

Published

2025-08-07

Last Modified

2026-02-24

References

https://gstreamer.freedesktop.org/security/ https://github.com/atredispartners/advisories/blob/master/2025/ATREDIS-2025-0003.md https://www.oracle.com/security-alerts/cpujan2026.html https://vigilance.fr/vulnerability/Gstreamer-out-of-bounds-memory-reading-via-MOV-MP4-Demuxer-47490

Patch

https://gstreamer.freedesktop.org/