GStreamer ↗
Summary iPlain-English security verdict for GStreamer, generated from its current health score, actively-exploited vulnerabilities, and latest supported version.
GStreamer currently scores 100/100 — healthy. No tracked vulnerabilities are currently known to be exploited in the wild. The latest supported release is 1.28.4. It's on the latest patch with no significant known issues — keep it current.
Disclosure trend iNew CVEs published for GStreamer each year (NVD). A higher bar means more disclosures that year — more scrutiny, not necessarily less safe.
Patch priority — what to act on iThe issues to fix first — actively exploited (CISA KEV) first, then by exploitation probability (EPSS), then severity. Each row's "→ fixed in" is the earliest version that patches it; "see advisory" means no fixed version is published.
Most urgent first — actively exploited, then likeliest to be exploited.
CVE-2016-9634 CRITICAL Memory corruption EPSS 9% → see advisory CVE-2016-9635 CRITICAL Memory corruption EPSS 9% → see advisory CVE-2016-9636 CRITICAL Memory corruption EPSS 9% → see advisory CVE-2024-47606 CRITICAL Integer overflow EPSS 1% → fixed in 1.24.10 CVE-2024-47538 CRITICAL CWE-121 EPSS 1% → fixed in 1.24.10 CVE-2024-47607 CRITICAL CWE-121 EPSS 1% → fixed in 1.24.10 CVE-2024-47597 CRITICAL Out-of-bounds read EPSS 1% → fixed in 1.24.10 CVE-2024-47775 CRITICAL Out-of-bounds read EPSS 1% → fixed in 1.24.10 CVE-2024-47776 CRITICAL Out-of-bounds read EPSS 1% → fixed in 1.24.10 CVE-2024-47777 CRITICAL Out-of-bounds read EPSS 1% → fixed in 1.24.10 CVE-2024-47600 CRITICAL Out-of-bounds read EPSS 1% → fixed in 1.24.10 CVE-2024-47615 CRITICAL Out-of-bounds write EPSS 1% → fixed in 1.24.10Get alerted about GStreamer
Be emailed the moment GStreamer gets a newly exploited vulnerability (CISA KEV) or a release reaches end of life. Free · double opt-in · unsubscribe anytime.
We email only on real events for GStreamer — no marketing, no sharing, and we never know what you run. Track your whole stack →
Versions & lifecycle iWhen each release line stops receiving security patches (end-of-life). After EOL there are no more fixes — plan upgrades before these dates.
How long each GStreamer release line is supported — and when it sunsets. Select a line for its full report.
1.28 latest 1.28.4 Supported 1.28.4 → 1.26 latest 1.26.11 Supported 1.26.11 → 1.24 latest 1.24.13 Supported 1.24.13 → 1.22 latest 1.22.12 End of life 1.22.12 → 1.20 latest 1.20.7 End of life 1.20.7 → 1.18 latest 1.18.6 End of life 1.18.6 → 1.16 latest 1.16.3 End of life 1.16.3 → 1.14 latest 1.14.5 End of life 1.14.5 → 1.12 latest 1.12.5 End of life 1.12.5 → 1.10 latest 1.10.5 End of life 1.10.5 → See all upcoming end-of-life dates →Frequently asked
Is GStreamer safe and patched?
GStreamer currently scores 100/100 — healthy. No tracked vulnerabilities are currently known to be exploited in the wild. The latest supported release is 1.28.4. It's on the latest patch with no significant known issues — keep it current.
What should I do about GStreamer now?
Upgrade GStreamer to the latest supported release (1.28.4) or later and apply available security updates, then confirm against GStreamer's official advisory.
When does GStreamer reach end-of-life?
The latest supported GStreamer release is 1.28.4. After end-of-life a release no longer receives security patches.
Which versions of GStreamer are still receiving security updates?
Supported GStreamer release lines (latest 1.28.4): 1.28, 1.26, 1.24. End-of-life releases no longer receive security patches.
Informational only, from public data (NVD · CISA KEV · EPSS · endoflife.date), and can lag or miss vendor-specific fixes. Always confirm against GStreamer's official advisory before you patch or upgrade — GStreamer official site ↗