Heap-based Buffer Overflow

🗓️ 30 Nov 2023 18:06:48Reported by Veracode Vulnerability DatabaseType

veracode🔗 sca.analysiscenter.veracode.com👁 18 Views

Heap-based buffer overflow in gst-plugins-bad AV1 codec parser

Reporter	Title	Published	Views	Family All 108
ATTACKERKB	CVE-2023-44429	3 May 202403:15	–	attackerkb
Tenable Nessus	Amazon Linux 2 : gstreamer1-plugins-bad-free (ALAS-2023-2355)	4 Dec 202300:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0011: gstreamer1-plugins-bad-free (ALINUX3-SA-2024:0011)	14 May 202500:00	–	nessus
Tenable Nessus	AlmaLinux 9 : gstreamer1-plugins-bad-free (ALSA-2023:7791)	15 Dec 202300:00	–	nessus
Tenable Nessus	Debian DSA-5565-1 : gst-plugins-bad1.0 - security update	26 Nov 202300:00	–	nessus
Tenable Nessus	Fedora 39 : gst-devtools / gstreamer1 / gstreamer1-doc / python-gstreamer1 (2023-1661e0af22)	18 Nov 202300:00	–	nessus
Tenable Nessus	Fedora 39 : gstreamer1-plugin-libav / gstreamer1-plugins-bad-free / etc (2023-6a4aea6d13)	18 Nov 202300:00	–	nessus
Tenable Nessus	Fedora 38 : gst-devtools / gstreamer1 / gstreamer1-doc / python-gstreamer1 (2023-7bd66f219f)	29 Nov 202300:00	–	nessus
Tenable Nessus	GLSA-202406-06 : GStreamer, GStreamer Plugins: Multiple Vulnerabilities	29 Jun 202400:00	–	nessus
Tenable Nessus	MiracleLinux 9 : gstreamer1-plugins-bad-free-1.22.1-2.el9_3 (AXSA:2023-7048:03)	20 Jan 202600:00	–	nessus

Vulners

Node

freedesktop gst-plugins-badMatch1.22.4-r0os

AND

freedesktop gst-plugins-badMatch1.22.2-r0os

AND

freedesktop gst-plugins-badMatch1.22.2-r1os

AND

freedesktop gst-plugins-badMatch1.22.3-r0os

AND

freedesktop gst-plugins-badMatch1.22.5-r0os

AND

alpinelinux alpine_linuxMatch3.18

freedesktop gst-plugins-badMatch1.18.5-r2os

AND

freedesktop gst-plugins-badMatch1.22.5-r0os

AND

freedesktop gst-plugins-badMatch1.20.4-r0os

AND

freedesktop gst-plugins-badMatch1.18.4-r2os

AND

freedesktop gst-plugins-badMatch1.22.2-r0os

AND

freedesktop gst-plugins-badMatch1.20.3-r1os

AND

freedesktop gst-plugins-badMatch1.20.1-r0os

AND

freedesktop gst-plugins-badMatch1.20.5-r0os

AND

freedesktop gst-plugins-badMatch1.20.4-r2os

AND

freedesktop gst-plugins-badMatch1.16.2-r6os

AND

freedesktop gst-plugins-badMatch1.20.5-r1os

AND

freedesktop gst-plugins-badMatch1.20.2-r0os

AND

freedesktop gst-plugins-badMatch1.22.3-r0os

AND

freedesktop gst-plugins-badMatch1.18.4-r0os

AND

freedesktop gst-plugins-badMatch1.16.2-r9os

AND

freedesktop gst-plugins-badMatch1.20.3-r4os

AND

freedesktop gst-plugins-badMatch1.18.6-r0os

AND

freedesktop gst-plugins-badMatch1.22.6-r0os

AND

freedesktop gst-plugins-badMatch1.20.3-r3os

AND

freedesktop gst-plugins-badMatch1.22.3-r3os

AND

freedesktop gst-plugins-badMatch1.18.4-r4os

AND

freedesktop gst-plugins-badMatch1.22.3-r1os

AND

freedesktop gst-plugins-badMatch1.18.4-r3os

AND

freedesktop gst-plugins-badMatch1.18.5-r0os

AND

freedesktop gst-plugins-badMatch1.18.4-r1os

AND

freedesktop gst-plugins-badMatch1.18.5-r1os

AND

freedesktop gst-plugins-badMatch1.22.0-r0os

AND

freedesktop gst-plugins-badMatch1.20.4-r1os

AND

freedesktop gst-plugins-badMatch1.22.2-r1os

AND

freedesktop gst-plugins-badMatch1.22.4-r0os

AND

freedesktop gst-plugins-badMatch1.16.2-r7os

AND

freedesktop gst-plugins-badMatch1.22.1-r0os

AND

freedesktop gst-plugins-badMatch1.18.3-r1os

AND

freedesktop gst-plugins-badMatch1.20.3-r0os

AND

freedesktop gst-plugins-badMatch1.16.2-r8os

AND

alpinelinux alpine_linuxMatchedge

freedesktop gst-plugins-badMatch1.22.6-r0os

AND

alpinelinux alpine_linuxMatch3.19

Source	Link
secdb	www.secdb.alpinelinux.org/edge/community.yaml
secdb	www.secdb.alpinelinux.org/v3.18/community.yaml
gstreamer	www.gstreamer.freedesktop.org/security/sa-2023-0009.html
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-23-1648/

03 May 2024 05:59Current

7.1High risk

Vulners AI Score7.1

CVSS 38.8

EPSS0.05986

SSVC