Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:ALSA-2024:2303
HistoryApr 30, 2024 - 12:00 a.m.

Moderate: gstreamer1-plugins-good security update

2024-04-3000:00:00
Google
osv.dev
11
gstreamer
plugins-good
security update
integer overflow
flac
cve-2023-37327
lgpl license
media framework

CVSS3

7.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H

AI Score

6.7

Confidence

High

EPSS

0.001

Percentile

16.2%

JSON

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license.

Security Fix(es):

  • gstreamer-plugins-good: integer overflow leading to heap overwrite in FLAC image tag handling (CVE-2023-37327)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

Related

openvas 22
nessus 26
osv 6
amazon 4
debian 1
redhat 2
oraclelinux 2
ubuntucve 1
almalinux 2
nvd 1
rocky 1
ubuntu 2
redhatcve 1
cve 1
alpinelinux 1
debiancve 1
zdi 1
vulnrichment 1
cvelist 1
fedora 4
redos 1
mageia 1
hp 2
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:3266-1)
2023-08-11 00:00:00
Ubuntu: Security Advisory (USN-6269-1)
2023-08-03 00:00:00
openSUSE: Security Advisory for gstreamer (SUSE-SU-2023:3219-1)
2024-03-04 00:00:00
nessus
nessus
Amazon Linux 2 : gstreamer1-plugins-base (ALAS-2023-2154)
2023-07-26 00:00:00
Debian DLA-3505-1 : gst-plugins-good1.0 - LTS security update
2023-07-26 00:00:00
Amazon Linux 2 : gstreamer-plugins-base (ALAS-2023-2121)
2023-07-20 00:00:00
osv
osv
gst-plugins-good1.0 - security update
2023-07-02 00:00:00
gst-plugins-good1.0 vulnerability
2023-08-02 16:23:42
gst-plugins-good1.0 - security update
2023-07-25 00:00:00
amazon
amazon
Important: gstreamer-plugins-base
2023-07-17 17:39:00
Important: gstreamer1-plugins-good
2023-07-20 17:28:00
Important: gstreamer1-plugins-base
2023-07-20 17:28:00
debian
debian
[SECURITY] [DLA 3505-1] gst-plugins-good1.0 security update
2023-07-25 17:12:19
redhat
redhat
(RHSA-2024:3089) Moderate: gstreamer1-plugins-good security update
2024-05-22 06:35:34
(RHSA-2024:2303) Moderate: gstreamer1-plugins-good security update
2024-04-30 06:15:19
oraclelinux
oraclelinux
gstreamer1-plugins-good security update
2024-05-23 00:00:00
gstreamer1-plugins-good security update
2024-05-02 00:00:00
ubuntucve
ubuntucve
CVE-2023-37327
2023-07-31 00:00:00
almalinux
almalinux
Moderate: gstreamer1-plugins-good security update
2024-04-30 00:00:00
Moderate: gstreamer1-plugins-good security update
2024-05-22 00:00:00
nvd
nvd
CVE-2023-37327
2024-05-03 02:15:43
rocky
rocky
gstreamer1-plugins-good security update
2024-06-14 13:59:30
ubuntu
ubuntu
GStreamer Good Plugins vulnerability
2023-08-02 00:00:00
GStreamer Base Plugins vulnerabilities
2023-08-02 00:00:00
redhatcve
redhatcve
CVE-2023-37327
2023-12-14 12:27:39
cve
cve
CVE-2023-37327
2024-05-03 02:15:43
alpinelinux
alpinelinux
CVE-2023-37327
2024-05-03 02:15:43
debiancve
debiancve
CVE-2023-37327
2024-05-03 02:15:43
zdi
zdi
GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability
2023-07-06 00:00:00
vulnrichment
vulnrichment
CVE-2023-37327 GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability
2024-05-03 01:58:19
cvelist
cvelist
CVE-2023-37327 GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability
2024-05-03 01:58:19
fedora
fedora
[SECURITY] Fedora 38 Update: mingw-gstreamer1-plugins-bad-free-1.22.7-1.fc38
2023-12-25 03:37:39
[SECURITY] Fedora 38 Update: mingw-gstreamer1-1.22.7-1.fc38
2023-12-25 03:37:39
[SECURITY] Fedora 38 Update: mingw-gstreamer1-plugins-good-1.22.7-1.fc38
2023-12-25 03:37:40
redos
redos
ROS-20240910-08
2024-09-10 00:00:00
mageia
mageia
Updated gstreamer packages fix many security vulnerabilities
2023-12-22 14:04:51
hp
hp
HP ThinPro 8.1 SP 2 Security Updates
2024-04-12 00:00:00
HP ThinPro 8.0 SP 8 Security Updates
2024-03-01 00:00:00

CVSS3

7.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H

AI Score

6.7

Confidence

High

EPSS

0.001

Percentile

16.2%

JSON
Related for OSV:ALSA-2024:2303
openvas22nessus26osv6amazon4debian1redhat2oraclelinux2ubuntucve1almalinux2nvd1rocky1ubuntu2redhatcve1cve1alpinelinux1debiancve1zdi1vulnrichment1cvelist1fedora4redos1mageia1hp2