rpm package
suse/gstreamer-plugins-bad&distro=SUSE Linux Enterprise Server 15 SP1-LTSS
pkg:rpm/suse/gstreamer-plugins-bad&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-40476 | — | < 1.12.5-150000.3.15.1 | 1.12.5-150000.3.15.1 | May 3, 2024 | GStreamer H265 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack | ||
| CVE-2023-40475 | — | < 1.12.5-150000.3.18.1 | 1.12.5-150000.3.18.1 | May 3, 2024 | GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors | ||
| CVE-2023-40474 | — | < 1.12.5-150000.3.12.1 | 1.12.5-150000.3.12.1 | May 3, 2024 | GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors | ||
| CVE-2023-37329 | — | < 1.12.5-150000.3.9.1 | 1.12.5-150000.3.9.1 | May 3, 2024 | GStreamer SRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but atta | ||
| CVE-2021-3185 | — | < 1.12.5-3.6.1 | 1.12.5-3.6.1 | Jan 25, 2021 | A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution. |
- CVE-2023-40476May 3, 2024affected < 1.12.5-150000.3.15.1fixed 1.12.5-150000.3.15.1
GStreamer H265 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack
- CVE-2023-40475May 3, 2024affected < 1.12.5-150000.3.18.1fixed 1.12.5-150000.3.18.1
GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors
- CVE-2023-40474May 3, 2024affected < 1.12.5-150000.3.12.1fixed 1.12.5-150000.3.12.1
GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors
- CVE-2023-37329May 3, 2024affected < 1.12.5-150000.3.9.1fixed 1.12.5-150000.3.9.1
GStreamer SRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but atta
- CVE-2021-3185Jan 25, 2021affected < 1.12.5-3.6.1fixed 1.12.5-3.6.1
A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution.