54 matches found
MiracleLinux 8 : gstreamer1-plugins-bad-free-1.16.1-4.el8 (AXSA:2024-8316:04)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8316:04 advisory. gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with uncompressed video CVE-2023-40474 gstreamer-plugins-bad:...
gstreamer1-plugins-bad-free security update
An update is available for gstreamer1-plugins-bad-free. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GStreamer is a streaming media framework based on graphs ...
RLSA-2024:3060 Moderate: gstreamer1-plugins-bad-free security update
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with...
Rocky Linux 8 : gstreamer1-plugins-bad-free (RLSA-2024:3060)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3060 advisory. gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with uncompressed video CVE-2023-40474 gstreamer-plugins-bad:...
Oracle Linux 8 : gstreamer1-plugins-bad-free (ELSA-2024-3060)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3060 advisory. - Patch CVE-2023-40474: Integer overflow - Patch CVE-2023-40475: Integer overflow - Patch CVE-2023-40476: Integer overflow in H.265 video parser Tenabl...
gstreamer1-plugins-bad-free security update
1.16.1-4.0.1 - Update origin URL Orabug: 36209826 1.16.1-4 - Patch CVE-2023-40474: Integer overflow - Patch CVE-2023-40475: Integer overflow - Patch CVE-2023-40476: Integer overflow in H.265 video parser - Resolves: RHEL-19500, RHEL-19504, RHEL-19507 1.16.1-3 - Bump to avoid conflict with z strea...
ALSA-2024:3060 Moderate: gstreamer1-plugins-bad-free security update
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with...
Rocky Linux 9 : gstreamer1-plugins-bad-free (RLSA-2024:2287)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2287 advisory. - GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code ...
RHEL 7 : gstreamer-plugins-bad (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with AES3 audio...
gstreamer1-plugins-bad-free security update
An update is available for gstreamer1-plugins-bad-free. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GStreamer is a streaming media framework based on graphs ...
Oracle Linux 9 : gstreamer1-plugins-bad-free (ELSA-2024-2287)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2287 advisory. - CVE-2023-40474: Integer overflow leading to heap overwrite in MXF - CVE-2023-40475: Integer overflow leading to heap overwrite in MXF - CVE-2023-4047...
DEBIAN-CVE-2023-40474
GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary dependi...
CVE-2023-40474
CVE-2023-40474 is a GStreamer MXF parsing vulnerability caused by an integer overflow when processing MXF files, leading to remote code execution in vulnerable GStreamer deployments. The issue stems from insufficient validation of user-supplied data, which allows the overflow to occur during buff...
ALSA-2024:2287 Moderate: gstreamer1-plugins-bad-free security update
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with...
openSUSE: Security Advisory for gstreamer (SUSE-SU-2023:4361-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for gstreamer (openSUSE-SU-2023:0409-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for gstreamer (SUSE-SU-2023:4271-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12: gstreamer / gstreamer-devel / gstreamer-lang / gstreamer-utils / etc (SUSE-SU-2024:0307-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0307-1 advisory. - CVE-2023-40474: Fixed an integer overflow during MXF file parsing bsc1215796. Tenable has extracted the preceding description block direct...
SUSE: Security Advisory (SUSE-SU-2024:0307-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:0307-1 Security update for gstreamer
This update for gstreamer fixes the following issues: - CVE-2023-40474: Fixed an integer overflow during MXF file parsing bsc1215796...