Important: Red Hat Security Advisory: gstreamer1-plugins-bad-free security update

An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

gstreamer: AV1 codec parser heap-based buffer overflow

A heap-based buffer overflow vulnerability was found in GStreamer in the AV1 codec parser when handling certain malformed streams. A malicious third party could use this flaw to trigger a crash in the application and possibly affect code execution through heap manipulation...

gstreamer1-plugins-bad-free security update

1.22.1-2 - Patch CVE-2023-44429: AV1 codec parser heap-based buffer overflow - Patch CVE-2023-44446: MXF demuxer use-after-free - Resolves: RHEL-17030, RHEL-17039...

SUSE-SU-2023:4875-1 Security update for gstreamer-plugins-bad

This update for gstreamer-plugins-bad fixes the following issues: - CVE-2023-44429: Fixed GStreamer AV1 Codec Parsing Heap-based Buffer Overflow bsc1217211...

Important: Red Hat Security Advisory: gstreamer1-plugins-bad-free security update

An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

gstreamer: AV1 codec parser heap-based buffer overflow

A heap-based buffer overflow vulnerability was found in GStreamer in the AV1 codec parser when handling certain malformed streams. A malicious third party could use this flaw to trigger a crash in the application and possibly affect code execution through heap manipulation...

gstreamer: AV1 codec parser heap-based buffer overflow

A heap-based buffer overflow vulnerability was found in GStreamer in the AV1 codec parser when handling certain malformed streams. A malicious third party could use this flaw to trigger a crash in the application and possibly affect code execution through heap manipulation...

ALSA-2023:7791 Important: gstreamer1-plugins-bad-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: gstreamer: AV1 codec parser heap-based buffer overflow CVE-2023-44429 gstreamer: MXF demuxer...

Important: gstreamer1-plugins-bad-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: gstreamer: AV1 codec parser heap-based buffer overflow CVE-2023-44429 gstreamer: MXF demuxer...

The vulnerability of the io.netty package: The netty-codec-http network programming framework from Netty allows attackers to exploit it to disclose protected information.

The vulnerability of the io.netty package: The netty-codec-http network programming framework in Netty is related to deficiencies in the system’s controlled zones. Exploiting this vulnerability can allow attackers to disclose protected information...

SUSE CVE-2023-49460

libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::decodeuncompressedimage...

SUSE CVE-2023-49464

libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::getlumabitsperpixelfromconfigurationunci...

CVE-2023-49464

libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::getlumabitsperpixelfromconfigurationunci...

DEBIAN-CVE-2023-49464

libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::getlumabitsperpixelfromconfigurationunci...

libheif Security Vulnerabilities

libheif is an ISO/IEC 23008-12:2017 HEIF file format decoder and encoder. A security vulnerability exists in libheif version v1.17.5, which stems from the discovery of a containment segmentation violation via the function UncompressedImageCodec::decodeuncompressedimage...

libheif Security Vulnerabilities

libheif is an ISO/IEC 23008-12:2017 HEIF file format decoder and encoder. A security vulnerability exists in libheif version v1.17.5, which stems from the inclusion of a segmentation violation via the UncompressedImageCodec::getlumabitsperpixelfromconfigurationunci discovery function...

CVE-2023-49096 Argument Injection in FFmpeg codec parameters in Jellyfin

Jellyfin is a Free Software Media System for managing and streaming media. In affected versions there is an argument injection in the VideosController, specifically the /Videos//stream and /Videos//stream. endpoints which are present in the current Jellyfin version. Additional endpoints in the...

PT-2023-31054 · Jellyfin · Jellyfin

Name of the Vulnerable Software and Affected Versions: Jellyfin versions prior to 10.8.13 Description: The issue concerns an argument injection in the VideosController, specifically the "/Videos//stream" and "/Videos//stream." endpoints, which are reachable by an unauthenticated user. Additional...

Debian: Security Advisory (DLA-3676-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 3676-1] libde265 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3676-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky November 30, 2023 https://wiki.debian.org/LTS -...