rpm package
almalinux/gstreamer1-plugins-bad-free-devel
pkg:rpm/almalinux/gstreamer1-plugins-bad-free-devel
Vulnerabilities (17)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-2921 | — | < 1.26.7-2.el10_2 | 1.26.7-2.el10_2 | Mar 13, 2026 | GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may | ||
| CVE-2026-3083 | — | < 1.26.7-2.el10_2 | 1.26.7-2.el10_2 | Mar 13, 2026 | GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors | ||
| CVE-2026-3085 | — | < 1.26.7-2.el10_2 | 1.26.7-2.el10_2 | Mar 13, 2026 | GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack v | ||
| CVE-2026-3082 | — | < 1.26.7-2.el10_2 | 1.26.7-2.el10_2 | Mar 13, 2026 | GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack ve | ||
| CVE-2026-2923 | — | < 1.26.7-2.el10_2 | 1.26.7-2.el10_2 | Mar 13, 2026 | GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors | ||
| CVE-2026-2922 | — | < 1.26.7-2.el10_2 | 1.26.7-2.el10_2 | Mar 13, 2026 | GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vec | ||
| CVE-2026-2920 | — | < 1.26.7-2.el10_2 | 1.26.7-2.el10_2 | Mar 13, 2026 | GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack ve | ||
| CVE-2025-3887 | — | < 1.22.12-4.el9_6 | 1.22.12-4.el9_6 | May 22, 2025 | GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but a | ||
| CVE-2024-0444 | — | < 1.22.12-3.el9 | 1.22.12-3.el9 | Jun 7, 2024 | GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but at | ||
| CVE-2024-4453 | — | < 1.22.12-3.el9 | 1.22.12-3.el9 | May 22, 2024 | GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack ve | ||
| CVE-2023-50186 | — | < 1.22.1-4.el9 | 1.22.1-4.el9 | May 3, 2024 | GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but at | ||
| CVE-2023-44446 | — | < 1.22.1-2.el9_3 | 1.22.1-2.el9_3 | May 3, 2024 | GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors m | ||
| CVE-2023-44429 | — | < 1.22.1-2.el9_3 | 1.22.1-2.el9_3 | May 3, 2024 | GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but att | ||
| CVE-2023-40476 | — | < 1.22.1-4.el9 | 1.22.1-4.el9 | May 3, 2024 | GStreamer H265 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack | ||
| CVE-2023-40475 | — | < 1.22.1-4.el9 | 1.22.1-4.el9 | May 3, 2024 | GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors | ||
| CVE-2023-40474 | — | < 1.22.1-4.el9 | 1.22.1-4.el9 | May 3, 2024 | GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors | ||
| CVE-2018-7263 | Cri | 9.8 | < 1.16.1-1.el8 | 1.16.1-1.el8 | Feb 20, 2018 | The mad_decoder_run() function in decoder.c in Underbit libmad through 0.15.1b allows remote attackers to cause a denial of service (SIGABRT because of double free or corruption) or possibly have unspecified other impact via a crafted file. NOTE: this may overlap CVE-2017-11552. |
- CVE-2026-2921Mar 13, 2026affected < 1.26.7-2.el10_2fixed 1.26.7-2.el10_2
GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may
- CVE-2026-3083Mar 13, 2026affected < 1.26.7-2.el10_2fixed 1.26.7-2.el10_2
GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors
- CVE-2026-3085Mar 13, 2026affected < 1.26.7-2.el10_2fixed 1.26.7-2.el10_2
GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack v
- CVE-2026-3082Mar 13, 2026affected < 1.26.7-2.el10_2fixed 1.26.7-2.el10_2
GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack ve
- CVE-2026-2923Mar 13, 2026affected < 1.26.7-2.el10_2fixed 1.26.7-2.el10_2
GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors
- CVE-2026-2922Mar 13, 2026affected < 1.26.7-2.el10_2fixed 1.26.7-2.el10_2
GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vec
- CVE-2026-2920Mar 13, 2026affected < 1.26.7-2.el10_2fixed 1.26.7-2.el10_2
GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack ve
- CVE-2025-3887May 22, 2025affected < 1.22.12-4.el9_6fixed 1.22.12-4.el9_6
GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but a
- CVE-2024-0444Jun 7, 2024affected < 1.22.12-3.el9fixed 1.22.12-3.el9
GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but at
- CVE-2024-4453May 22, 2024affected < 1.22.12-3.el9fixed 1.22.12-3.el9
GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack ve
- CVE-2023-50186May 3, 2024affected < 1.22.1-4.el9fixed 1.22.1-4.el9
GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but at
- CVE-2023-44446May 3, 2024affected < 1.22.1-2.el9_3fixed 1.22.1-2.el9_3
GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors m
- CVE-2023-44429May 3, 2024affected < 1.22.1-2.el9_3fixed 1.22.1-2.el9_3
GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but att
- CVE-2023-40476May 3, 2024affected < 1.22.1-4.el9fixed 1.22.1-4.el9
GStreamer H265 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack
- CVE-2023-40475May 3, 2024affected < 1.22.1-4.el9fixed 1.22.1-4.el9
GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors
- CVE-2023-40474May 3, 2024affected < 1.22.1-4.el9fixed 1.22.1-4.el9
GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors
- affected < 1.16.1-1.el8fixed 1.16.1-1.el8
The mad_decoder_run() function in decoder.c in Underbit libmad through 0.15.1b allows remote attackers to cause a denial of service (SIGABRT because of double free or corruption) or possibly have unspecified other impact via a crafted file. NOTE: this may overlap CVE-2017-11552.