CVE Details
Basic Information
| Title | CVE-2025-3887 |
|---|---|
| Type | cve |
| Published | 2025-05-22T01:15:54 |
| Last Seen | 2025-05-22T01:26:08 |
CVSS Information
| Base Score | 8.8 (HIGH) |
|---|---|
| Attack Vector | NETWORK |
| Attack Complexity | LOW |
| Privileges Required | NONE |
| User Interaction | REQUIRED |
| Scope | UNCHANGED |
| Confidentiality Impact | HIGH |
| Integrity Impact | HIGH |
| Availability Impact | HIGH |
AI Analysis
| AI Description | A stack-based buffer overflow vulnerability exists in GStreamer’s H265 codec parsing, allowing remote attackers to execute arbitrary code on affected installations. The vulnerability requires user interaction, such as opening a malicious file, to be exploited. |
|---|---|
| AI Severity | High |
| Vendor | GStreamer |
| Product | GStreamer |
| Affected Version |
Additional Information
| CVE List | CVE-2025-3887 |
|---|---|
| CWE List | CWE-121 |
| Bulletin Family | cve |
Description
GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required…
CVSS Score Summary
Base Score: %!f(string=#) (HIGH)