« List of all CVEs

CVE-2021-3522

Published: 6/2/2021 Last updated: 5/28/2026 Reserved: 4/28/2021

GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Metrics

Version Score Severity Vector String
3.1 5.5 Medium CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Opam packages affected (3)

conf-gstreamer conf-openjdk gstreamer

Products affected (2)

Product Vendor Version
GStreamer n/a < n/a
GStreamer n/a n/a

References (16)