CVE-2025-47219
EUVD-2025-2394507.08.2025, 20:15
In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_trak function may read past the end of a heap buffer while parsing an MP4 file, possibly leading to information disclosure.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| gstreamer | gstreamer | 𝑥 < 1.26.2 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| Siemens | SIMATIC CN 4100 | 𝑥 < V5.0 | ADP |
| siemens | simatic_cn_4100 | 𝑥 < 5.0 | ADP |
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| gstreamer-plugins-good |
| ||||||||||||||||
| gstreamer-plugins-good-lang |
|
Common Weakness Enumeration