CVE-2025-47219

Published August 7th, 2025

View on NVD ↗

CVSS v3

8.1

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_trak function may read past the end of a heap buffer while parsing an MP4 file, possibly leading to information disclosure.

atredispartners/advisories

Atredis Partners Security Advisories

GitHub