CVE-2026-46470

Summary

An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemux_audio_caps function does not sufficiently validate atom data before performing division operations, leading to denial of service due to integer division by zero.

Affected Software

VendorProductVersion RangeStatus
GStreamerGood Plug-ins0 < 1.28.2affected

Weaknesses

  • CWE-369: CWE-369 Divide By Zero

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References