VYPR

rpm package

suse/gstreamer-plugins-base&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

pkg:rpm/suse/gstreamer-plugins-base&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5

Vulnerabilities (10)

  • CVE-2025-47808Aug 7, 2025
    affected < 1.8.3-13.21.1fixed 1.8.3-13.21.1

    In GStreamer through 1.26.1, the subparse plugin's tmplayer_parse_line function may dereference a NULL pointer while parsing a subtitle file, leading to a crash.

  • CVE-2025-47807Aug 7, 2025
    affected < 1.8.3-13.21.1fixed 1.8.3-13.21.1

    In GStreamer through 1.26.1, the subparse plugin's subrip_unescape_formatting function may dereference a NULL pointer while parsing a subtitle file, leading to a crash.

  • CVE-2025-47806Aug 7, 2025
    affected < 1.8.3-13.21.1fixed 1.8.3-13.21.1

    In GStreamer through 1.26.1, the subparse plugin's parse_subrip_time function may write data past the bounds of a stack buffer, leading to a crash.

  • CVE-2024-47835Dec 11, 2024
    affected < 1.8.3-13.18.1fixed 1.8.3-13.18.1

    GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been detected in the parse_lrc function within gstsubparse.c. The parse_lrc function calls strchr() to find the character ']' in the string line. The pointer

  • CVE-2024-47613Dec 11, 2024
    affected < 1.8.3-13.18.1fixed 1.8.3-13.18.1

    GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been identified in `gst_gdk_pixbuf_dec_flush` within `gstgdkpixbufdec.c`. This function invokes `memcpy`, using `out_pix` as the destination address. `out_pix

  • CVE-2024-47615Dec 11, 2024
    affected < 1.8.3-13.18.1fixed 1.8.3-13.18.1

    GStreamer is a library for constructing graphs of media-handling components. An OOB-Write has been detected in the function gst_parse_vorbis_setup_packet within vorbis_parse.c. The integer size is read from the input file without proper validation. As a result, size can exceed th

  • CVE-2024-47607Dec 11, 2024
    affected < 1.8.3-13.18.1fixed 1.8.3-13.18.1

    GStreamer is a library for constructing graphs of media-handling components. stack-buffer overflow has been detected in the gst_opus_dec_parse_header function within `gstopusdec.c'. The pos array is a stack-allocated buffer of size 64. If n_channels exceeds 64, the for loop will

  • CVE-2024-47542Dec 11, 2024
    affected < 1.8.3-13.18.1fixed 1.8.3-13.18.1

    GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2_read_synch_uint function, located in id3v2.c. If id3v2_read_synch_uint is called with a null work->hdr.frame_data, the pointer guint8 *data is

  • CVE-2024-47541Dec 11, 2024
    affected < 1.8.3-13.18.1fixed 1.8.3-13.18.1

    GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gst_ssa_parse_remove_override_codes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA (SubStation Alpha)

  • CVE-2024-47538Dec 11, 2024
    affected < 1.8.3-13.18.1fixed 1.8.3-13.18.1

    GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the `vorbis_handle_identification_packet` function within `gstvorbisdec.c`. The position array is a stack-allocated buffer of size 64. If vd->vi.channels exce