DEBIAN-CVE-2026-46469
- Source
- https://security-tracker.debian.org/tracker/CVE-2026-46469
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-46469.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2026-46469
- Upstream
- Published
- 2026-05-14T18:16:50.653Z
- Modified
- 2026-05-20T09:00:13.885109443Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemuxparsetrak function does not sufficiently validate atom data before performing division operations, leading to denial of service due to integer division by zero.
- References
Affected packages
Debian:11 / gst-plugins-good1.0
Package
- Name
- gst-plugins-good1.0
- Purl
- pkg:deb/debian/gst-plugins-good1.0?arch=source&distro=bullseye
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.18.4-2
1.18.4-2+deb11u1
1.18.4-2+deb11u2
1.18.4-2+deb11u3
1.18.4-2+deb11u4
1.18.5-1
1.18.5-1+hurd.1
1.18.5-2
1.19.90-1
1.20.0-1
1.20.0-2
1.20.1-1
1.20.2-1
1.20.3-1
1.20.5-1
1.20.5-2
1.22.0-1
1.22.0-2
1.22.0-3
1.22.0-4
1.22.0-5
1.22.1-1
1.22.3-1
1.22.3-2
1.22.4-1
1.22.5-1
1.22.6-1
1.22.7-1
1.22.8-1
1.22.8-2
1.22.8-3
1.22.9-1
1.22.10-1
1.23.1-1
1.23.2-1
1.23.90-1
1.24.0-1
1.24.1-1
1.24.1-2
1.24.2-1
1.24.3-1
1.24.4-1
1.24.5-1
1.24.6-1
1.24.7-1
1.24.8-1
1.24.9-1
1.24.10-1
1.24.11-1
1.24.11-2
1.24.11-3
1.24.11-4
1.24.11-5
1.24.12-1
1.25.1-1
1.25.1-2
1.25.1-3
1.25.50-1
1.25.90-1
1.25.90-2
1.26.0-1
1.26.1-1
1.26.2-1
1.26.3-1
1.26.4-1
1.26.5-1
1.26.5-2
1.26.5-2+hurd.1
1.26.5-3
1.26.6-1
1.26.7-1
1.26.8-1
1.26.9-1
1.26.10-1
1.27.1-1
1.27.2-1
1.27.50-1
1.27.50-2
1.27.90-1
1.28.0-1
1.28.1-1
1.28.2-1
1.28.2-2
1.28.2-3
1.28.2-4
1.28.3-1
1.29.1-1
Debian:12 / gst-plugins-good1.0
Package
- Name
- gst-plugins-good1.0
- Purl
- pkg:deb/debian/gst-plugins-good1.0?arch=source&distro=bookworm
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.22.0-5
1.22.0-5+deb12u1
1.22.0-5+deb12u2
1.22.0-5+deb12u3
1.22.1-1
1.22.3-1
1.22.3-2
1.22.4-1
1.22.5-1
1.22.6-1
1.22.7-1
1.22.8-1
1.22.8-2
1.22.8-3
1.22.9-1
1.22.10-1
1.23.1-1
1.23.2-1
1.23.90-1
1.24.0-1
1.24.1-1
1.24.1-2
1.24.2-1
1.24.3-1
1.24.4-1
1.24.5-1
1.24.6-1
1.24.7-1
1.24.8-1
1.24.9-1
1.24.10-1
1.24.11-1
1.24.11-2
1.24.11-3
1.24.11-4
1.24.11-5
1.24.12-1
1.25.1-1
1.25.1-2
1.25.1-3
1.25.50-1
1.25.90-1
1.25.90-2
1.26.0-1
1.26.1-1
1.26.2-1
1.26.3-1
1.26.4-1
1.26.5-1
1.26.5-2
1.26.5-2+hurd.1
1.26.5-3
1.26.6-1
1.26.7-1
1.26.8-1
1.26.9-1
1.26.10-1
1.27.1-1
1.27.2-1
1.27.50-1
1.27.50-2
1.27.90-1
1.28.0-1
1.28.1-1
1.28.2-1
1.28.2-2
1.28.2-3
1.28.2-4
1.28.3-1
1.29.1-1
Debian:13 / gst-plugins-good1.0
Package
- Name
- gst-plugins-good1.0
- Purl
- pkg:deb/debian/gst-plugins-good1.0?arch=source&distro=trixie
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Debian:14 / gst-plugins-good1.0
Package
- Name
- gst-plugins-good1.0
- Purl
- pkg:deb/debian/gst-plugins-good1.0?arch=source&distro=forky
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.28.2-1