
GStreamer CVE-2025-47808

Severity: MEDIUM (CVSS 3.1 base score 5.6)
Weakness: NULL Pointer Dereference (CWE-476)
Published: 2025-08-07 (CNA: cve@mitre.org)

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: Low

Lifecycle Timeline

CVE Published: Aug 07, 2025 - 20:15 (nvd)
PoC Detected: Mar 17, 2026 - 15:52 (vuln.today) - public exploit code
Analysis Generated: Mar 17, 2026 - 20:45 (vuln.today)
Patch released: Apr 06, 2026 - 08:30 (nvd) - patch available

Description (NVD)

In GStreamer through 1.26.1, the subparse plugin's tmplayer_parse_line function may dereference a NULL pointer while parsing a subtitle file, leading to a crash.

Analysis (AI-generated)

A NULL pointer dereference exists in GStreamer's subparse plugin, in the tmplayer_parse_line function, when it processes a malformed TMPlayer subtitle file. GStreamer through version 1.26.1 is affected. The NVD vector rates the issue as network-reachable with no privileges or user interaction required but with high attack complexity: in practice the attacker has to get a crafted subtitle file or stream in front of a GStreamer-based application, for example as a subtitle track of media fetched over the network. The documented effect is a crash of the consuming application (denial of service); the vector also assigns low confidentiality and integrity impact, but the description records nothing beyond the crash. A public proof-of-concept is available, yet the EPSS score of 0.09% (25th percentile) indicates a low probability of real-world exploitation despite it.

Technical Context (AI-generated)

GStreamer is a multimedia framework for building audio and video processing pipelines on multiple platforms. The subparse plugin parses text subtitle formats, among them the TMPlayer format, in which each line carries a timestamp followed by a separator and the cue text. The vulnerability (CWE-476, NULL Pointer Dereference) is in tmplayer_parse_line: a subtitle line that lacks the structure the parser expects causes it to dereference a NULL pointer instead of rejecting the line, so a malformed file crashes whatever process has loaded the plugin. NVD identifies the affected product with the CPE cpe:2.3:a:gstreamer:gstreamer:*:*:*:*:*:*:*:* together with a version range ending at and including 1.26.1; the wildcard CPE itself carries no version bound, the range comes from the NVD configuration.

Remediation (AI-generated)

Upgrade GStreamer to a release later than 1.26.1 that contains the fix; the official GStreamer security advisories at https://gstreamer.freedesktop.org/security/ give the exact fixed version and the affected modules. Where patching has to wait, reduce exposure rather than trust the parser: validate subtitle files before handing them to GStreamer and reject lines that do not match the expected format, accept subtitles only from trusted sources, and run media applications in a sandboxed environment (container, Flatpak or OS-level sandbox) so that a crash in the parser takes down only the sandboxed process. Pre-validation in one application does not protect the library itself: any other GStreamer consumer on the host that autodetects and parses subtitle streams, including sidecar subtitle files picked up alongside a video, stays exposed until the library is updated. Applications that accept subtitle files from network sources should also treat parser failures as expected input errors and handle them without aborting the whole pipeline.
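The bug class described in the Technical Context section and the pre-validation suggested above, as an added example that is not GStreamer's code: an illustrative TMPlayer line parser in C written for this page, with a naive version that dereferences the result of a separator search without checking it and a hardened version that rejects the malformed line instead; tmplayer_validate applies the hardened parser to a whole file before it would be handed to a media pipeline. The TMPlayer line shape assumed here (HH:MM:SS or H:MM:SS, an optional ",N" multi-line marker, then ':' or '=' and the cue text, with '|' as a line break) is the common form of the format; the function names, the struct, the timestamp handling and the sample file are assumptions for the example and do not correspond to GStreamer's internals or to the actual defect in tmplayer_parse_line.

```c
/* Added example for this page, not GStreamer's code: an illustrative TMPlayer
 * line parser in the style of the subparse plugin.  It does not reproduce the
 * exact defect behind CVE-2025-47808; it shows the bug class (CWE-476: a
 * separator lookup that may return NULL followed by an unchecked dereference)
 * beside the check that removes it, and a pre-validation of untrusted files. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef struct {
    unsigned long ts_seconds;   /* cue start, whole seconds */
    char text[256];             /* cue text, '|' converted to '\n' */
} tmplayer_cue;

/* Parse "HH:MM:SS" (or "H:MM:SS") at *p and advance *p past it; 0 on failure. */
static int parse_timestamp(const char **p, unsigned long *secs)
{
    unsigned h, m, s;
    int consumed = 0;
    if (sscanf(*p, "%u:%u:%u%n", &h, &m, &s, &consumed) != 3) return 0;
    if (m > 59 || s > 59) return 0;
    *p += consumed;
    *secs = (unsigned long)h * 3600 + (unsigned long)m * 60 + s;
    return 1;
}

/* Vulnerable shape: assumes a ':' or '=' separator always follows the
 * timestamp (and an optional ",N" multi-line marker). */
int tmplayer_parse_line_naive(const char *line, tmplayer_cue *out)
{
    const char *p = line;
    if (!parse_timestamp(&p, &out->ts_seconds)) return 0;
    p = strpbrk(p, ":=");
    /* BUG (CWE-476): on a line such as "00:00:03" no separator follows the
     * timestamp, strpbrk returns NULL and p + 1 is dereferenced here. */
    snprintf(out->text, sizeof out->text, "%s", p + 1);
    return 1;
}

/* Hardened form: nothing that can be NULL is dereferenced; a malformed line
 * is rejected with a return value of 0 instead. */
int tmplayer_parse_line(const char *line, tmplayer_cue *out)
{
    const char *p = line;
    if (line == NULL || out == NULL) return 0;
    if (!parse_timestamp(&p, &out->ts_seconds)) return 0;
    if (*p == ',') {                   /* ",N" marker for multi-line cues */
        char *end = NULL;
        unsigned long n = strtoul(p + 1, &end, 10);
        if (end == p + 1 || n == 0) return 0;
        p = end;
    }
    if (*p != ':' && *p != '=') return 0;   /* separator required, no search */
    snprintf(out->text, sizeof out->text, "%s", p + 1);  /* empty text is fine */
    for (char *q = out->text; *q; q++)
        if (*q == '|') *q = '\n';
    return 1;
}

/* Pre-validation of an untrusted file: returns how many non-blank lines the
 * hardened parser rejects and stores how many it accepts in *accepted.
 * A caller refuses to hand the file to the media pipeline if this is > 0. */
size_t tmplayer_validate(const char *contents, size_t *accepted)
{
    size_t bad = 0, good = 0;
    const char *p = contents;
    while (*p) {
        const char *nl = strchr(p, '\n');
        size_t len = nl ? (size_t)(nl - p) : strlen(p);
        char buf[512];
        tmplayer_cue cue;
        if (len >= sizeof buf) {
            bad++;                           /* over-long line: reject */
        } else {
            memcpy(buf, p, len);
            buf[len] = '\0';
            if (len && buf[len - 1] == '\r') buf[len - 1] = '\0';
            if (buf[0] != '\0') { if (tmplayer_parse_line(buf, &cue)) good++; else bad++; }
        }
        if (!nl) break;
        p = nl + 1;
    }
    if (accepted) *accepted = good;
    return bad;
}

/* Constructed sample file for the demonstration, not a real-world PoC. */
static const char TMPLAYER_SAMPLE[] =
    "00:00:01:First cue\n"
    "00:00:02,1:Second cue|with a line break\n"
    "00:00:02,2=Second cue, second part\n"
    "00:00:03\n";                            /* malformed: no separator */

int main(void)
{
    size_t accepted = 0;
    size_t rejected = tmplayer_validate(TMPLAYER_SAMPLE, &accepted);
    printf("sample: %zu lines accepted, %zu rejected\n", accepted, rejected);
    /* tmplayer_cue c; tmplayer_parse_line_naive("00:00:03", &c);  <- segfaults */
    return rejected ? 1 : 0;
}
```

Compile with `cc -std=c99 -Wall example.c` and run it: the constructed sample reports three accepted lines and one rejected line, and the non-zero exit status is the signal a wrapper would use to refuse the file. Uncommenting the call in main reproduces the crash of the naive parser on the separator-less line; the hardened parser returns 0 for the same input because it tests the character at the current position instead of searching for a separator and trusting the result.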


CVE-2025-47808 vulnerability details – vuln.today
