CVE-2025-47806 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5.6 MEDIUM	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
CISA-ADP	ADP	5.6 MEDIUM	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Base Score

CVSS 3.x

EPSS Score

Percentile: 22%

Affected Products (NVD)

Vendor	Product	Version
gstreamer_project	gstreamer	𝑥 < 1.26.2

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

gst-plugins-base1.0

bionic	Fixed 1.14.5-0ubuntu1~18.04.3+esm2 released
focal	Fixed 1.16.3-0ubuntu1.4+esm1 released
jammy	Fixed 1.20.1-1ubuntu0.5 released
noble	Fixed 1.24.2-1ubuntu0.3 released
plucky	Fixed 1.26.0-1ubuntu0.1 released
questing	Fixed 1.26.2-1 released
xenial	Fixed 1.8.3-1ubuntu0.3+esm3 released

Known Exploits!

https://github.com/atredispartners/advisories/blob/master/2025/ATREDIS-2025-0003.md

Common Weakness Enumeration

CWE-121 - Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

References

https://github.com/atredispartners/advisories/blob/master/2025/ATREDIS-2025-0003.md

https://gstreamer.freedesktop.org/security/