rpm package
suse/gstreamer-plugins-bad&distro=SUSE Linux Enterprise Software Development Kit 12 SP5
pkg:rpm/suse/gstreamer-plugins-bad&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-44446 | — | < 1.8.3-18.15.1 | 1.8.3-18.15.1 | May 3, 2024 | GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors m | ||
| CVE-2023-40476 | — | < 1.8.3-18.9.3 | 1.8.3-18.9.3 | May 3, 2024 | GStreamer H265 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack | ||
| CVE-2023-40475 | — | < 1.8.3-18.12.1 | 1.8.3-18.12.1 | May 3, 2024 | GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors | ||
| CVE-2023-40474 | — | < 1.8.3-18.6.1 | 1.8.3-18.6.1 | May 3, 2024 | GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors | ||
| CVE-2021-3185 | — | < 1.8.3-18.3.5 | 1.8.3-18.3.5 | Jan 25, 2021 | A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution. |
- CVE-2023-44446May 3, 2024affected < 1.8.3-18.15.1fixed 1.8.3-18.15.1
GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors m
- CVE-2023-40476May 3, 2024affected < 1.8.3-18.9.3fixed 1.8.3-18.9.3
GStreamer H265 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack
- CVE-2023-40475May 3, 2024affected < 1.8.3-18.12.1fixed 1.8.3-18.12.1
GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors
- CVE-2023-40474May 3, 2024affected < 1.8.3-18.6.1fixed 1.8.3-18.6.1
GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors
- CVE-2021-3185Jan 25, 2021affected < 1.8.3-18.3.5fixed 1.8.3-18.3.5
A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution.