VYPR

rpm package

opensuse/gstreamer-plugins-ugly&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/gstreamer-plugins-ugly&distro=openSUSE%20Tumbleweed

Vulnerabilities (2)

  • CVE-2017-5847HigFeb 9, 2017
    affected < 1.18.5-2.1fixed 1.18.5-2.1

    The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving extended content descriptors.

  • CVE-2017-5838HigFeb 9, 2017
    affected < 1.18.5-2.1fixed 1.18.5-2.1

    The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a malformed datetime string.