9 matches found
PT-2025-18342 · Gstreamer +2 · Gstreamer +1
Name of the Vulnerable Software and Affected Versions: GStreamer affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system. The flaw...
CVE-2024-47544
A flaw was found in the GStreamer library. Multiple NULL pointer dereferences in the MP4/MOV demuxer's CENC handling can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash...
PT-2024-10372
Name of the Vulnerable Software and Affected Versions GStreamer versions prior to 1.24.10 Description The issue is related to an out-of-bounds OOB read in the qtdemux parse svq3 stsd data function within qtdemux.c. Specifically, in the FOURCC SMI case, seqh size is read from the input file withou...
PT-2024-10371
Name of the Vulnerable Software and Affected Versions GStreamer versions prior to 1.24.10 Description GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the extract cc from data function within qtdemux.c. In the FOURCC c708 case,...
PT-2024-10373
Name of the Vulnerable Software and Affected Versions GStreamer versions prior to 1.24.10 Description A null pointer dereference has been discovered in the id3v2 read synch uint function, located in id3v2.c. If id3v2 read synch uint is called with a null work-hdr.frame data, the pointer guint8 da...
PT-2024-9583 · Gstreamer +7 · Gstreamer +7
Name of the Vulnerable Software and Affected Versions: GStreamer versions prior to 1.24.10 Description: A null pointer dereference vulnerability has been discovered in the gst matroska demux update tracks function within matroska-demux.c. The vulnerability occurs when the gst caps is equal functi...
MGASA-2024-0119 Updated gstreamer1.0 packages fix vulnerability
Heap-based buffer overflow in the AV1 codec parser when handling certain malformed streams before GStreamer 1.22.9 It is possible for a malicious third party to trigger a crash in the application, and possibly also effect code execution through heap manipulation...
SUSE-SU-2023:4980-1 Security update for gstreamer
This update for gstreamer fixes the following issues: - CVE-2023-40474: Fixed GStreamer MXF File Parsing Integer Overflow bsc1215796...
SUSE-SU-2017:0967-1 Security update for gstreamer
This update for gstreamer fixes the following security issues: - A crafted AVI file could have caused an invalid memory read, possibly causing DoS or corruption bsc1024051, CVE-2017-5838...