Gst Plugins Ugly

CVEs (4)

• CVE-2017-5847HigFeb 9, 2017
  Gstreamer

  Gstreamer
  risk 0.49cvss 7.5epss 0.04

  The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving extended content descriptors.

• CVE-2026-53704HigJun 15, 2026
  Gstreamer

  Gst Plugins Ugly
  risk 0.46cvss 7.1epss —

  A flaw was found in GStreamer's RealMedia demuxer in the gst-plugins-ugly package. When processing a RealMedia file containing a specially crafted FILEINFO metadata section, the demuxer parses variable-name and variable-value pairs using re_skip_pascal_string() without…

• CVE-2026-53703HigJun 15, 2026
  Gstreamer

  Gst Plugins Ugly
  risk 0.46cvss 7.1epss —

  A vulnerability was found in the GStreamer RealMedia demuxer (gst-plugins-ugly). When processing a RealMedia (.rm) file, the demuxer parses MDPR (media properties) chunks to configure audio streams. For audio stream header versions 4 and 5, the parser reads fields such as codec…

• CVE-2017-5846MedFeb 9, 2017
  Gstreamer

  Gstreamer
  risk 0.36cvss 5.5epss 0.01

  The gst_asf_demux_process_ext_stream_props function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors related to the number of languages in a video file.