CVE-2025-47806 on CTRL-OS 24.05

Packages: gst_all_1.gst-plugins-base

Status: Plausible

CVE Information

In GStreamer through 1.26.1, the subparse plugin's parse_subrip_time function may write data past the bounds of a stack buffer, leading to a crash.

Updates

2026-04-07 19:25 CEST

Metadata changes:

• Status for package gst_all_1.gst-plugins-base: “Plausible”

(Amended on: 2026-04-07 19:26 CEST)