19 matches found
gstreamer1-plugins-base security update
An update is available for gstreamer1-plugins-base. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GStreamer is a streaming media framework based on graphs of...
Amazon Linux 2 : gstreamer1-plugins-base (ALAS-2025-2971)
The version of gstreamer1-plugins-base installed on the remote host is prior to 1.18.4-5. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2971 advisory. GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability h...
AlmaLinux 9 : gstreamer1-plugins-base (ALSA-2025:7243)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:7243 advisory. gstreamer1-plugins-base: ID3v2 parser out-of-bounds read and NULL-pointer dereference CVE-2024-47542 gstreamer1-plugins-base: GStreamer has an out-of-boun...
Moderate: gstreamer1-plugins-base security update
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins. Security Fixes: gstreamer1-plugins-base: ID3v2 parser out-of-bounds read and NULL-pointer dereference...
Linux Distros Unpatched Vulnerability : CVE-2024-47542
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2readsynchuint function,...
SUSE-SU-2025:0065-1 Security update for gstreamer-plugins-base
This update for gstreamer-plugins-base fixes the following issues: - CVE-2024-47538: Fixed a stack-buffer overflow in vorbishandleidentificationpacket. bsc1234415 - CVE-2024-47835: Fixed a NULL-pointer dereference in LRC subtitle parser. bsc1234450 - CVE-2024-47600: Fixed an out-of-bounds read in...
SUSE SLES12: gstreamer-plugins-base / gstreamer-plugins-base-devel / etc (SUSE-SU-2025:0052-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0052-1 advisory. - CVE-2024-47538: Fixed a stack-buffer overflow in vorbishandleidentificationpacket. bsc1234415 - CVE-2024-47835: Fixed a NULL-pointer...
SUSE-SU-2025:0052-1 Security update for gstreamer-plugins-base
This update for gstreamer-plugins-base fixes the following issues: - CVE-2024-47538: Fixed a stack-buffer overflow in vorbishandleidentificationpacket. bsc1234415 - CVE-2024-47835: Fixed a NULL-pointer dereference in LRC subtitle parser. bsc1234450 - CVE-2024-47615: Fixed an out-of-bounds write i...
Ubuntu: Security Advisory (USN-7175-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
gstreamer-plugins-base-1.24.10-2.1 on GA media (moderate)
gstreamer-plugins-base-1.24.10-2.1 on GA media Announcement ID: openSUSE-SU-2024:14577-1 Rating: moderate Cross-References: CVE-2024-47538 CVE-2024-47542 CVE-2024-47600 CVE-2024-47615 CVE-2024-47835 CVSS scores: CVE-2024-47538 SUSE : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-47542...
CVE-2024-47542
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2readsynchuint function, located in id3v2.c. If id3v2readsynchuint is called with a null work-hdr.framedata, the pointer guint8 data is accessed without validatio...
CVE-2024-47542
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2readsynchuint function, located in id3v2.c. If id3v2readsynchuint is called with a null work-hdr.framedata, the pointer guint8 data is accessed without validatio...
AZL-62375 CVE-2024-47542 affecting package gstreamer1 1.20.0-2
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2readsynchuint function, located in id3v2.c. If id3v2readsynchuint is called with a null work-hdr.framedata, the pointer guint8 data is accessed without validatio...
CVE-2024-47542
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2readsynchuint function, located in id3v2.c. If id3v2readsynchuint is called with a null work-hdr.framedata, the pointer guint8 data is accessed without validatio...
CVE-2024-47542
creationtimestamp| type| source ---|---|--- 2024-12-11 19:32:17+00:00| seen| https://infosec.exchange/users/cve/statuses/113635854706009967 2024-12-17 12:51:51+00:00| seen| https://github.blog/security/vulnerability-research/uncovering-gstreamer-secrets/...
CVE-2024-47542 GHSL-2024-235: GStreamer ID3v2 parser out-of-bounds read and NULL-pointer dereference
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2readsynchuint function, located in id3v2.c. If id3v2readsynchuint is called with a null work-hdr.framedata, the pointer guint8 data is accessed without validatio...
CVE-2024-47542
CVE-2024-47542 affects GStreamer (notably the id3v2 parser in id3v2.c). A null pointer dereference occurs in id3v2_read_synch_uint when work->hdr.frame_data is null, leading to a potential crash/DoS (SEGV). The issue is fixed in 1.24.10 of the GStreamer stack (as cited in multiple advisories a...
CVE-2024-47542 GHSL-2024-235: GStreamer ID3v2 parser out-of-bounds read and NULL-pointer dereference
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2readsynchuint function, located in id3v2.c. If id3v2readsynchuint is called with a null work-hdr.framedata, the pointer guint8 data is accessed without validatio...
CVE-2024-47542
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2readsynchuint function, located in id3v2.c. If id3v2readsynchuint is called with a null work-hdr.framedata, the pointer guint8 data is accessed without validatio...