CVE search results

1 – 10 of 10 results

Detailed view

Sort by:

CVE-2024-4453

Medium priority

Some fixes available 4 of 7

GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is...

2 affected packages

gst-plugins-base0.10, gst-plugins-base1.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
gst-plugins-base0.10	Not in release	Not in release	Not in release	—	Needs evaluation
gst-plugins-base1.0	Fixed	Fixed	Fixed	Needs evaluation	Needs evaluation

CVE-2023-37328

Medium priority

Some fixes available 3 of 6

GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library...

2 affected packages

gst-plugins-base0.10, gst-plugins-base1.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
gst-plugins-base0.10	Not in release	Not in release	Not in release	Ignored	Needs evaluation
gst-plugins-base1.0	Not affected	Fixed	Fixed	Needs evaluation	Needs evaluation

CVE-2023-37327

Medium priority

Some fixes available 6 of 12

GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is...

4 affected packages

gst-plugins-base0.10, gst-plugins-base1.0, gst-plugins-good0.10, gst-plugins-good1.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
gst-plugins-base0.10	Not in release	Not in release	Not in release	Ignored	Needs evaluation
gst-plugins-base1.0	Not affected	Fixed	Fixed	Needs evaluation	Needs evaluation
gst-plugins-good0.10	Not in release	Not in release	Not in release	Ignored	Needs evaluation
gst-plugins-good1.0	Not affected	Fixed	Fixed	Needs evaluation	Needs evaluation

CVE-2021-3522

Medium priority

Fixed

GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.

1 affected packages

gst-plugins-base1.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
gst-plugins-base1.0	—	Not affected	Fixed	Fixed	Fixed

CVE-2019-9928

High priority

Fixed

GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution.

2 affected packages

gst-plugins-base0.10, gst-plugins-base1.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
gst-plugins-base0.10	—	—	—	Not in release	Fixed
gst-plugins-base1.0	—	—	—	Fixed	Fixed

CVE-2017-5844

Low priority

Fixed

The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted ASF file.

2 affected packages

gst-plugins-base0.10, gst-plugins-base1.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
gst-plugins-base0.10	—	—	—	—	Fixed
gst-plugins-base1.0	—	—	—	—	Fixed

CVE-2017-5842

Low priority

Fixed

The html_context_handle_element function in gst/subparse/samiparse.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted SMI file, as demonstrated...

2 affected packages

gst-plugins-base0.10, gst-plugins-base1.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
gst-plugins-base0.10	—	—	—	—	Not affected
gst-plugins-base1.0	—	—	—	—	Fixed

CVE-2017-5839

Low priority

Fixed

The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service (stack overflow...

2 affected packages

gst-plugins-base0.10, gst-plugins-base1.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
gst-plugins-base0.10	—	—	—	—	Not affected
gst-plugins-base1.0	—	—	—	—	Fixed

CVE-2017-5837

Low priority

Fixed

2 affected packages

gst-plugins-base0.10, gst-plugins-base1.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
gst-plugins-base0.10	—	—	—	—	Fixed
gst-plugins-base1.0	—	—	—	—	Fixed

CVE-2016-9811

Low priority

Fixed

The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.

2 affected packages

gst-plugins-base0.10, gst-plugins-base1.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
gst-plugins-base0.10	—	—	—	—	Fixed
gst-plugins-base1.0	—	—	—	—	Fixed

Search CVE reports