Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redosRedosROS-20240910-08
HistorySep 10, 2024 - 12:00 a.m.

ROS-20240910-08

2024-09-1000:00:00
redos.red-soft.ru
22
golang
gstreamer
vulnerability
resource consumption
integer overflow
denial of service
sensitive data
unauthorized access

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.9

Confidence

High

JSON

Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources.
resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition.
denial of service

A vulnerability in the Gstreamer multimedia framework is related to integer overflow. Exploitation
of the vulnerability could allow an attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service.
integrity, as well as cause a denial of service via a specially crafted file

A vulnerability in the gst_avi_demux_invert function of the Gstreamer multimedia framework is caused by an integer
overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary code

A vulnerability in the gst_matroska_demux_add_wvpk_header function of the Gstreamer multimedia framework is caused by an integer overflow.
by an integer overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary
code

A vulnerability in the gst_matroska_decompress_data function of the Gstreamer multimedia framework is caused by an integer overflow.
by an integer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of
denial of service

A vulnerability in the qtdemux_inflate function of the Gstreamer multimedia framework is caused by an integer overflow.
overflow. Exploitation of the vulnerability could allow an attacker to impact the
confidentiality, integrity and availability of protected information

A vulnerability in the gst_matroska_decompress_data function of the Gstreamer multimedia framework is caused by an integer overflow.
by an integer overflow. Exploitation of the vulnerability could allow an attacker to impact the
confidentiality, integrity and availability of protected information

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64gstreamer1-plugins-good< 1.16.3-2UNKNOWN

Related

nessus 43
osv 18
openvas 33
oraclelinux 3
gentoo 1
debian 3
ubuntu 3
suse 2
mageia 2
redhat 3
rosalinux 1
almalinux 3
photon 1
ubuntucve 8
amazon 4
nvd 8
rocky 1
redhatcve 8
cve 8
alpinelinux 8
debiancve 8
zdi 1
vulnrichment 1
cvelist 8
veracode 7
prion 7
fedora 4
hp 2
nessus
nessus
AlmaLinux 9 : gstreamer1-plugins-good (ALSA-2023:2260)
2023-05-14 00:00:00
Debian DSA-5204-1 : gst-plugins-good1.0 - security update
2022-08-10 00:00:00
SUSE SLES12 Security Update : gstreamer-plugins-good (SUSE-SU-2022:2911-1)
2022-08-27 00:00:00
osv
osv
gst-plugins-good1.0 - security update
2022-08-09 00:00:00
gst-plugins-good1.0 vulnerabilities
2022-08-08 15:28:12
Moderate: gstreamer1-plugins-good security update
2023-05-09 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5555-1)
2022-08-09 00:00:00
Huawei EulerOS: Security Advisory for gstreamer1-plugins-good (EulerOS-SA-2022-2269)
2022-08-18 00:00:00
Debian: Security Advisory (DSA-5204-1)
2022-08-11 00:00:00
oraclelinux
oraclelinux
gstreamer1-plugins-good security update
2023-05-15 00:00:00
gstreamer1-plugins-good security update
2024-05-23 00:00:00
gstreamer1-plugins-good security update
2024-05-02 00:00:00
gentoo
gentoo
gst-plugins-good: Multiple Vulnerabilities
2024-09-22 00:00:00
debian
debian
[SECURITY] [DSA 5204-1] gst-plugins-good1.0 security update
2022-08-09 19:19:23
[SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update
2022-08-09 15:51:07
[SECURITY] [DLA 3505-1] gst-plugins-good1.0 security update
2023-07-25 17:12:19
ubuntu
ubuntu
GStreamer Good Plugins vulnerabilities
2022-08-08 00:00:00
GStreamer Good Plugins vulnerability
2023-08-02 00:00:00
GStreamer Base Plugins vulnerabilities
2023-08-02 00:00:00
suse
suse
Security update for gstreamer-plugins-good (moderate)
2022-11-08 00:00:00
Security update for gstreamer-plugins-good (important)
2022-08-31 00:00:00
mageia
mageia
Updated gstreamer1.0-plugins-good packages fix security vulnerability
2022-09-10 23:26:43
Updated gstreamer packages fix many security vulnerabilities
2023-12-22 14:04:51
redhat
redhat
(RHSA-2023:2260) Moderate: gstreamer1-plugins-good security update
2023-05-09 05:05:15
(RHSA-2024:3089) Moderate: gstreamer1-plugins-good security update
2024-05-22 06:35:34
(RHSA-2024:2303) Moderate: gstreamer1-plugins-good security update
2024-04-30 06:15:19
rosalinux
rosalinux
Advisory ROSA-SA-2024-2462
2024-08-06 09:26:33
almalinux
almalinux
Moderate: gstreamer1-plugins-good security update
2023-05-09 00:00:00
Moderate: gstreamer1-plugins-good security update
2024-04-30 00:00:00
Moderate: gstreamer1-plugins-good security update
2024-05-22 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0320
2023-01-23 00:00:00
ubuntucve
ubuntucve
CVE-2022-1925
2022-07-19 00:00:00
CVE-2022-1924
2022-07-19 00:00:00
CVE-2022-2122
2022-07-19 00:00:00
amazon
amazon
Important: gstreamer-plugins-base
2023-07-17 17:39:00
Important: gstreamer1-plugins-good
2023-07-20 17:28:00
Important: gstreamer1-plugins-base
2023-07-20 17:28:00
nvd
nvd
CVE-2023-37327
2024-05-03 02:15:43
CVE-2022-1923
2022-07-19 20:15:10
CVE-2022-2122
2022-07-19 20:15:11
rocky
rocky
gstreamer1-plugins-good security update
2024-06-14 13:59:30
redhatcve
redhatcve
CVE-2023-37327
2023-12-14 12:27:39
CVE-2022-1923
2022-09-29 14:49:21
CVE-2022-1925
2022-09-29 16:49:19
cve
cve
CVE-2023-37327
2024-05-03 02:15:43
CVE-2022-1923
2022-07-19 20:15:10
CVE-2022-1920
2022-07-19 20:15:10
alpinelinux
alpinelinux
CVE-2023-37327
2024-05-03 02:15:43
CVE-2022-1925
2022-07-19 20:15:11
CVE-2022-1923
2022-07-19 20:15:10
debiancve
debiancve
CVE-2023-37327
2024-05-03 02:15:43
CVE-2022-1921
2022-07-19 20:15:10
CVE-2022-1925
2022-07-19 20:15:11
zdi
zdi
GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability
2023-07-06 00:00:00
vulnrichment
vulnrichment
CVE-2023-37327 GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability
2024-05-03 01:58:19
cvelist
cvelist
CVE-2023-37327 GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability
2024-05-03 01:58:19
CVE-2022-1925
2022-07-19 19:10:49
CVE-2022-1923
2022-07-19 19:13:29
veracode
veracode
Denial Of Service (DoS)
2023-11-30 21:30:59
Denial Of Service (DoS)
2023-11-30 21:31:03
Integer Overflow
2023-11-30 18:34:09
prion
prion
Integer overflow
2022-07-19 20:15:00
Integer overflow
2022-07-19 20:15:00
Integer overflow
2022-07-19 20:15:00
fedora
fedora
[SECURITY] Fedora 38 Update: mingw-gstreamer1-plugins-bad-free-1.22.7-1.fc38
2023-12-25 03:37:39
[SECURITY] Fedora 38 Update: mingw-gstreamer1-1.22.7-1.fc38
2023-12-25 03:37:39
[SECURITY] Fedora 38 Update: mingw-gstreamer1-plugins-good-1.22.7-1.fc38
2023-12-25 03:37:40
hp
hp
HP ThinPro 8.1 SP 2 Security Updates
2024-04-12 00:00:00
HP ThinPro 8.0 SP 8 Security Updates
2024-03-01 00:00:00

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.9

Confidence

High

JSON
Related for ROS-20240910-08
nessus43osv18openvas33oraclelinux3gentoo1debian3ubuntu3suse2mageia2redhat3rosalinux1almalinux3photon1ubuntucve8amazon4nvd8rocky1redhatcve8cve8alpinelinux8debiancve8zdi1vulnrichment1cvelist8veracode7prion7fedora4hp2