VYPR

rpm package

suse/gstreamer-plugins-base&distro=SUSE Manager Proxy 4.3

pkg:rpm/suse/gstreamer-plugins-base&distro=SUSE%20Manager%20Proxy%204.3

Vulnerabilities (8)

  • CVE-2024-47835Dec 11, 2024
    affected < 1.20.1-150400.3.11.1fixed 1.20.1-150400.3.11.1

    GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been detected in the parse_lrc function within gstsubparse.c. The parse_lrc function calls strchr() to find the character ']' in the string line. The pointer

  • CVE-2024-47615Dec 11, 2024
    affected < 1.20.1-150400.3.11.1fixed 1.20.1-150400.3.11.1

    GStreamer is a library for constructing graphs of media-handling components. An OOB-Write has been detected in the function gst_parse_vorbis_setup_packet within vorbis_parse.c. The integer size is read from the input file without proper validation. As a result, size can exceed th

  • CVE-2024-47607Dec 11, 2024
    affected < 1.20.1-150400.3.11.1fixed 1.20.1-150400.3.11.1

    GStreamer is a library for constructing graphs of media-handling components. stack-buffer overflow has been detected in the gst_opus_dec_parse_header function within `gstopusdec.c'. The pos array is a stack-allocated buffer of size 64. If n_channels exceeds 64, the for loop will

  • CVE-2024-47600Dec 11, 2024
    affected < 1.20.1-150400.3.11.1fixed 1.20.1-150400.3.11.1

    GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been detected in the format_channel_mask function in gst-discoverer.c. The vulnerability affects the local array position, which is defined with a fixed size of 64 elements.

  • CVE-2024-47542Dec 11, 2024
    affected < 1.20.1-150400.3.11.1fixed 1.20.1-150400.3.11.1

    GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2_read_synch_uint function, located in id3v2.c. If id3v2_read_synch_uint is called with a null work->hdr.frame_data, the pointer guint8 *data is

  • CVE-2024-47541Dec 11, 2024
    affected < 1.20.1-150400.3.11.1fixed 1.20.1-150400.3.11.1

    GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gst_ssa_parse_remove_override_codes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA (SubStation Alpha)

  • CVE-2024-47538Dec 11, 2024
    affected < 1.20.1-150400.3.11.1fixed 1.20.1-150400.3.11.1

    GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the `vorbis_handle_identification_packet` function within `gstvorbisdec.c`. The position array is a stack-allocated buffer of size 64. If vd->vi.channels exce

  • CVE-2024-4453May 22, 2024
    affected < 1.20.1-150400.3.8.2fixed 1.20.1-150400.3.8.2

    GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack ve