VDB

CISA-2025-47183

CISA-2025-47183 PUBLISHED CVSS 6.6 MEDIUM

Reported by mitre · Published August 7, 2025

In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_tree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure.

Risk Scores

CVSS 3.1
6.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H

Affected Products

VendorProductVersions
n/an/an/a
n/an/an/a, n/a

Timeline

  • Aug 7, 2025 CVE Published
  • Aug 11, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›