Astra Linux - уязвимость в gst-plugins-good1.0

DOS: Potential heap overwrite during MKV demuxing using LZO decompression. Integer overflow in the Matroskademux element within the LZO decompression function can cause a segfault, or potentially a heap overwrite, depending on the libc and operating system. Depending on the libc used and the...

MiracleLinux 9 : gstreamer1-plugins-good-1.18.4-6.el9 (AXSA:2023-5649:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5649:01 advisory. gstreamer-plugins-good: Potential heap overwrite in gstmatroskademuxaddwvpkheader CVE-2022-1920 gstreamer-plugins-good: Heap-based buffer overflow i...

EUVD-2022-25196

Malicious code in bioql PyPI...

AZL-61829 CVE-2025-47436 affecting package orc 0.4.31-4

Heap-based Buffer Overflow vulnerability in Apache ORC. A vulnerability has been identified in the ORC C++ LZO decompression logic, where specially crafted malformed ORC files can cause the decompressor to allocate a 250-byte buffer but then attempts to copy 295 bytes into it. It causes memory...

CVE-2025-47436 Apache ORC: Potential Heap Buffer Overflow during C++ LZO Decompression

Heap-based Buffer Overflow vulnerability in Apache ORC. A vulnerability has been identified in the ORC C++ LZO decompression logic, where specially crafted malformed ORC files can cause the decompressor to allocate a 250-byte buffer but then attempts to copy 295 bytes into it. It causes memory...

Apache ORC 安全漏洞

Apache ORC is a high-performance columnar storage format from the Apache Foundation, designed for the Hadoop ecosystem to optimize big data query and analysis performance. A security vulnerability exists in Apache ORC 2.1.1 and earlier versions, which stems from a heap buffer overflow in the LZO...

SUSE CVE-2022-48923

In the Linux kernel, the following vulnerability has been resolved: btrfs: prevent copying too big compressed lzo segment Compressed length can be corrupted to be a lot larger than memory we have allocated for buffer. This will cause memcpy in copycompressedsegment to write outside of allocated...

UBUNTU-CVE-2022-48923

In the Linux kernel, the following vulnerability has been resolved: btrfs: prevent copying too big compressed lzo segment Compressed length can be corrupted to be a lot larger than memory we have allocated for buffer. This will cause memcpy in copycompressedsegment to write outside of allocated...

Denial Of Service (DoS)

gst-plugins-good is vulnerable to Denial Of Service DoS. The vulnerability stems from an integer overflow in the matroskademux element within the LZO decompression function, potentially causing a segmentation fault or the risk of a heap overwrite during MKV demuxing using LZO decompression...

AlmaLinux 9 : gstreamer1-plugins-good (ALSA-2023:2260)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2260 advisory. - Integer overflow in matroskademux element in gstmatroskademuxaddwvpkheader function which allows a heap overwrite while parsing matroska files. Potentia...

RHEL 9 : gstreamer1-plugins-good (RHSA-2023:2260)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2260 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contai...

SUSE CVE-2022-1924

DOS / potential heap overwrite in mkv demuxing using lzo decompression. Integer overflow in matroskademux element in lzo decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it...

SUSE SLED15 / SLES15 Security Update : gstreamer-plugins-good (SUSE-SU-2022:3908-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3908-1 advisory. - Integer overflow in matroskademux element in gstmatroskademuxaddwvpkheader function which allows a heap...

SUSE-SU-2022:3906-1 Security update for gstreamer-0_10-plugins-good

This update for gstreamer-010-plugins-good fixes the following issues: - CVE-2022-1920: Fixed an integer overflow while parsing matroska files bsc1201688. - CVE-2022-1921: Fixed an integer overflow while parsing avi files bsc1201693. - CVE-2022-1922: Fixed an integer overflow during mkv demuxing...

EulerOS 2.0 SP3 : gstreamer1-plugins-good (EulerOS-SA-2022-2612)

According to the versions of the gstreamer1-plugins-good package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Integer overflow in matroskademux element in gstmatroskademuxaddwvpkheader function which allows a heap overwrite while parsing...

EulerOS 2.0 SP8 : gstreamer1-plugins-good (EulerOS-SA-2022-2463)

According to the versions of the gstreamer1-plugins-good packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Integer overflow in matroskademux element in gstmatroskademuxaddwvpkheader function which allows a heap overwrite while parsing...

CVE-2022-1924

A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using lzo decompression. This vulnerability can result in application crash, memory corruption, and code execution...

Huawei EulerOS: Security Advisory for gstreamer1-plugins-good (EulerOS-SA-2022-2269)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : gstreamer1-plugins-good (EulerOS-SA-2022-2269)

According to the versions of the gstreamer1-plugins-good package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Integer overflow in matroskademux element in gstmatroskademuxaddwvpkheader function which allows a heap overwrite while parsing...

Debian DSA-5204-1 : gst-plugins-good1.0 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5204 advisory. Adam Doupe discovered multiple vulnerabilities in the Gstreamer plugins to demux Mastroska and AVI files which could result in denial of service or the execution ...