FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2026-03-29 11:53:11 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
791d4b29-19fb-11f1-87cc-e73692421fef	gstreamer1 -- multiple vulnerabilities The GStreamer project reports multiple security vulnerabilities fixed in the 1.28.1 release: Twelve security vulnerabilities were addressed, including: Out-of-bounds reads and writes in the H.266 video parser, WAV parser, MP4 and ASF demuxers, and DVB subtitle decoder. Integer overflows in the RIFF parser and Huffman table handling in the JPEG parser. Stack buffer overflows in the RTP QDM2 depayloader and H.266 parser. These could lead to application crashes or potentially arbitrary code execution. Discovery 2026-02-25 Entry 2026-03-07 gstreamer1 < 1.28.1 gstreamer1-plugins < 1.28.1 gstreamer1-plugins-good < 1.28.1 gstreamer1-plugins-bad < 1.28.1 gstreamer1-plugins-ugly < 1.28.1 CVE-2026-1940 CVE-2026-3082 CVE-2026-2921 CVE-2026-2922 CVE-2026-2920 CVE-2026-2923 CVE-2026-3083 CVE-2026-3085 CVE-2026-3086 CVE-2026-3081 CVE-2026-3084 https://gstreamer.freedesktop.org/security/sa-2026-0001.html https://gstreamer.freedesktop.org/security/sa-2026-0002.html https://gstreamer.freedesktop.org/security/sa-2026-0003.html https://gstreamer.freedesktop.org/security/sa-2026-0004.html https://gstreamer.freedesktop.org/security/sa-2026-0005.html https://gstreamer.freedesktop.org/security/sa-2026-0006.html https://gstreamer.freedesktop.org/security/sa-2026-0007.html https://gstreamer.freedesktop.org/security/sa-2026-0008.html https://gstreamer.freedesktop.org/security/sa-2026-0009.html https://gstreamer.freedesktop.org/security/sa-2026-0010.html https://gstreamer.freedesktop.org/security/sa-2026-0011.html https://gstreamer.freedesktop.org/security/sa-2026-0012.html
500cc49c-e93b-11f0-b8d8-4ccc6adda413	gstreamer1-plugins-bad -- Out-of-bounds reads in MIDI parser The GStreamer Security Center reports: Multiple out-of-bounds reads in the MIDI parser that can cause crashes for certain input files. Discovery 2025-12-27 Entry 2026-01-04 gstreamer1-plugins-bad < 1.26.10 CVE-2025-67326 CVE-2025-67327 https://gstreamer.freedesktop.org/security/sa-2025-0009.html

VuXML ID

Description

791d4b29-19fb-11f1-87cc-e73692421fef

gstreamer1 -- multiple vulnerabilities

The GStreamer project reports multiple security vulnerabilities fixed in the 1.28.1 release:

Twelve security vulnerabilities were addressed, including:

Out-of-bounds reads and writes in the H.266 video parser, WAV parser, MP4 and ASF demuxers, and DVB subtitle decoder.

Integer overflows in the RIFF parser and Huffman table handling in the JPEG parser.

Stack buffer overflows in the RTP QDM2 depayloader and H.266 parser.

These could lead to application crashes or potentially arbitrary code execution.

Discovery 2026-02-25
Entry 2026-03-07
gstreamer1

< 1.28.1

gstreamer1-plugins

< 1.28.1

gstreamer1-plugins-good

< 1.28.1

gstreamer1-plugins-bad

< 1.28.1

gstreamer1-plugins-ugly

< 1.28.1

CVE-2026-1940
CVE-2026-3082
CVE-2026-2921
CVE-2026-2922
CVE-2026-2920
CVE-2026-2923
CVE-2026-3083
CVE-2026-3085
CVE-2026-3086
CVE-2026-3081
CVE-2026-3084
https://gstreamer.freedesktop.org/security/sa-2026-0001.html
https://gstreamer.freedesktop.org/security/sa-2026-0002.html
https://gstreamer.freedesktop.org/security/sa-2026-0003.html
https://gstreamer.freedesktop.org/security/sa-2026-0004.html
https://gstreamer.freedesktop.org/security/sa-2026-0005.html
https://gstreamer.freedesktop.org/security/sa-2026-0006.html
https://gstreamer.freedesktop.org/security/sa-2026-0007.html
https://gstreamer.freedesktop.org/security/sa-2026-0008.html
https://gstreamer.freedesktop.org/security/sa-2026-0009.html
https://gstreamer.freedesktop.org/security/sa-2026-0010.html
https://gstreamer.freedesktop.org/security/sa-2026-0011.html
https://gstreamer.freedesktop.org/security/sa-2026-0012.html

500cc49c-e93b-11f0-b8d8-4ccc6adda413

gstreamer1-plugins-bad -- Out-of-bounds reads in MIDI parser

The GStreamer Security Center reports:

Multiple out-of-bounds reads in the MIDI parser that can cause crashes for certain input files.

Discovery 2025-12-27
Entry 2026-01-04
gstreamer1-plugins-bad

< 1.26.10

CVE-2025-67326
CVE-2025-67327
https://gstreamer.freedesktop.org/security/sa-2025-0009.html