Astra Linux - уязвимость в gst-plugins-base1.0

GStreamer is a library for constructing graphs of media-handling components. A OOB-write vulnerability has been identified in the gstssaparse.c file’s gstssaparseremoveoverridecodes function. This function is responsible for parsing and removing SSA SubStation Alpha style override codes, which ar...

EUVD-2023-44382

Malicious code in bioql PyPI...

Medium: gstreamer1-plugins-base

Issue Overview: GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gstssaparseremoveoverridecodes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA SubStation Alpha style...

CVE-2024-47541

A flaw was found in the GStreamer library. An out-of-bounds write in the SSA subtitle parser can cause crashes for certain input files, potentially allowing a malicious third party to trigger an application crash...

DEBIAN-CVE-2024-47541

GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gstssaparseremoveoverridecodes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA SubStation Alpha style override codes,...

ALPINE-CVE-2024-47541

GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gstssaparseremoveoverridecodes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA SubStation Alpha style override codes,...

CVE-2024-47541 GHSL-2024-228: GStreamer has an out-of-bounds write in SSA subtitle parser

GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gstssaparseremoveoverridecodes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA SubStation Alpha style override codes,...

CVE-2024-47541

GStreamer base plugins contain an OOB write in the SSA subtitle parser (gst_ssa_parse_remove_override_codes in gstssaparse.c) when a '}' precedes '{', causing memmove to duplicate substrings and write beyond allocated memory. Fixed in 1.24.10. Affected: gstreamer1-plugins-base (and related packag...

CVE-2024-47541

GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gstssaparseremoveoverridecodes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA SubStation Alpha style override codes,...

CVE-2024-47541

GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gstssaparseremoveoverridecodes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA SubStation Alpha style override codes,...

GStreamer 缓冲区错误漏洞

GStreamer is the GStreamer open source set of frameworks for processing streaming media. GStreamer suffers from a buffer error vulnerability that stems from an out-of-bounds write vulnerability found in the gstssaparseremoveoverridecodes function in the gstssaparse.c file...

CVE-2023-3747

Zero Trust Administrators have the ability to disallow end users from disabling WARP on their devices. Override codes can also be created by the Administrators to allow a device to temporarily be disconnected from WARP, however, due to lack of server side validation, an attacker with local access...

CVE-2023-3747

Zero Trust Administrators have the ability to disallow end users from disabling WARP on their devices. Override codes can also be created by the Administrators to allow a device to temporarily be disconnected from WARP, however, due to lack of server side validation, an attacker with local access...

Code injection

Zero Trust Administrators have the ability to disallow end users from disabling WARP on their devices. Override codes can also be created by the Administrators to allow a device to temporarily be disconnected from WARP, however, due to lack of server side validation, an attacker with local access...

CVE-2023-3747 Insufficient Validation on Override Codes for Always-Enabled WARP Mode

Zero Trust Administrators have the ability to disallow end users from disabling WARP on their devices. Override codes can also be created by the Administrators to allow a device to temporarily be disconnected from WARP, however, due to lack of server side validation, an attacker with local access...

CVE-2023-3747 Insufficient Validation on Override Codes for Always-Enabled WARP Mode

Zero Trust Administrators have the ability to disallow end users from disabling WARP on their devices. Override codes can also be created by the Administrators to allow a device to temporarily be disconnected from WARP, however, due to lack of server side validation, an attacker with local access...

CVE-2023-3747

CVE-2023-3747 describes a vulnerability in Cloudflare WARP/Zero Trust where there is insufficient server-side validation of override codes. A local attacker with access to the device can extend the maximum disconnected time of the WARP client by altering the device’s clock, exploiting the overrid...