VYPR

rpm package

almalinux/gstreamer1-plugins-base-tools

pkg:rpm/almalinux/gstreamer1-plugins-base-tools

Vulnerabilities (15)

  • CVE-2026-2921Mar 13, 2026
    affected < 1.26.7-2.el10_2fixed 1.26.7-2.el10_2

    GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may

  • CVE-2026-3083Mar 13, 2026
    affected < 1.26.7-2.el10_2fixed 1.26.7-2.el10_2

    GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors

  • CVE-2026-3085Mar 13, 2026
    affected < 1.26.7-2.el10_2fixed 1.26.7-2.el10_2

    GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack v

  • CVE-2026-3082Mar 13, 2026
    affected < 1.26.7-2.el10_2fixed 1.26.7-2.el10_2

    GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack ve

  • CVE-2026-2923Mar 13, 2026
    affected < 1.26.7-2.el10_2fixed 1.26.7-2.el10_2

    GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors

  • CVE-2026-2922Mar 13, 2026
    affected < 1.26.7-2.el10_2fixed 1.26.7-2.el10_2

    GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vec

  • CVE-2026-2920Mar 13, 2026
    affected < 1.26.7-2.el10_2fixed 1.26.7-2.el10_2

    GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack ve

  • CVE-2024-47835Dec 11, 2024
    affected < 1.22.12-4.el9fixed 1.22.12-4.el9

    GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been detected in the parse_lrc function within gstsubparse.c. The parse_lrc function calls strchr() to find the character ']' in the string line. The pointer

  • CVE-2024-47615Dec 11, 2024
    affected < 1.22.1-3.el9_5fixed 1.22.1-3.el9_5

    GStreamer is a library for constructing graphs of media-handling components. An OOB-Write has been detected in the function gst_parse_vorbis_setup_packet within vorbis_parse.c. The integer size is read from the input file without proper validation. As a result, size can exceed th

  • CVE-2024-47607Dec 11, 2024
    affected < 1.22.1-3.el9_5fixed 1.22.1-3.el9_5

    GStreamer is a library for constructing graphs of media-handling components. stack-buffer overflow has been detected in the gst_opus_dec_parse_header function within `gstopusdec.c'. The pos array is a stack-allocated buffer of size 64. If n_channels exceeds 64, the for loop will

  • CVE-2024-47600Dec 11, 2024
    affected < 1.22.12-4.el9fixed 1.22.12-4.el9

    GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been detected in the format_channel_mask function in gst-discoverer.c. The vulnerability affects the local array position, which is defined with a fixed size of 64 elements.

  • CVE-2024-47542Dec 11, 2024
    affected < 1.22.12-4.el9fixed 1.22.12-4.el9

    GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2_read_synch_uint function, located in id3v2.c. If id3v2_read_synch_uint is called with a null work->hdr.frame_data, the pointer guint8 *data is

  • CVE-2024-47541Dec 11, 2024
    affected < 1.22.12-4.el9fixed 1.22.12-4.el9

    GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gst_ssa_parse_remove_override_codes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA (SubStation Alpha)

  • CVE-2024-47538Dec 11, 2024
    affected < 1.22.1-3.el9_5fixed 1.22.1-3.el9_5

    GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the `vorbis_handle_identification_packet` function within `gstvorbisdec.c`. The position array is a stack-allocated buffer of size 64. If vd->vi.channels exce

  • CVE-2023-37328May 3, 2024
    affected < 1.22.1-2.el9fixed 1.22.1-2.el9

    GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but atta