VYPR

rpm package

suse/gstreamer-plugins-good&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP4

pkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4

Vulnerabilities (22)

  • CVE-2024-47834Dec 11, 2024
    affected < 1.20.1-150400.3.9.1fixed 1.20.1-150400.3.9.1

    GStreamer is a library for constructing graphs of media-handling components. An Use-After-Free read vulnerability has been discovered affecting the processing of CodecPrivate elements in Matroska streams. In the GST_MATROSKA_ID_CODECPRIVATE case within the gst_matroska_demux_pars

  • CVE-2024-47778Dec 11, 2024
    affected < 1.20.1-150400.3.9.1fixed 1.20.1-150400.3.9.1

    GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in gst_wavparse_adtl_chunk within gstwavparse.c. This vulnerability arises due to insufficient validation of the size parameter, which can exceed the bounds

  • CVE-2024-47777Dec 11, 2024
    affected < 1.20.1-150400.3.9.1fixed 1.20.1-150400.3.9.1

    GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been identified in the gst_wavparse_smpl_chunk function within gstwavparse.c. This function attempts to read 4 bytes from the data + 12 offset without checking if the size o

  • CVE-2024-47776Dec 11, 2024
    affected < 1.20.1-150400.3.9.1fixed 1.20.1-150400.3.9.1

    GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in gst_wavparse_cue_chunk within gstwavparse.c. The vulnerability happens due to a discrepancy between the size of the data buffer and the size value provided to the funct

  • CVE-2024-47775Dec 11, 2024
    affected < 1.20.1-150400.3.9.1fixed 1.20.1-150400.3.9.1

    GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse_ds64 function within gstwavparse.c. The parse_ds64 function does not check that the buffer buf contains sufficient data before attempting to read fro

  • CVE-2024-47774Dec 11, 2024
    affected < 1.20.1-150400.3.9.1fixed 1.20.1-150400.3.9.1

    GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been identified in the gst_avi_subtitle_parse_gab2_chunk function within gstavisubtitle.c. The function reads the name_length value directly from the input file without chec

  • CVE-2024-47613Dec 11, 2024
    affected < 1.20.1-150400.3.9.1fixed 1.20.1-150400.3.9.1

    GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been identified in `gst_gdk_pixbuf_dec_flush` within `gstgdkpixbufdec.c`. This function invokes `memcpy`, using `out_pix` as the destination address. `out_pix

  • CVE-2024-47606Dec 11, 2024
    affected < 1.20.1-150400.3.9.1fixed 1.20.1-150400.3.9.1

    GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux_parse_theora_extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a

  • CVE-2024-47603Dec 11, 2024
    affected < 1.20.1-150400.3.9.1fixed 1.20.1-150400.3.9.1

    GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_update_tracks function within matroska-demux.c. The vulnerability occurs when the gst_caps_is_equal function is call

  • CVE-2024-47602Dec 11, 2024
    affected < 1.20.1-150400.3.9.1fixed 1.20.1-150400.3.9.1

    GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_add_wvpk_header function within matroska-demux.c. This function does not properly check the validity of the stream->

  • CVE-2024-47601Dec 11, 2024
    affected < 1.20.1-150400.3.9.1fixed 1.20.1-150400.3.9.1

    GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_parse_blockgroup_or_simpleblock function within matroska-demux.c. This function does not properly check the validity

  • CVE-2024-47599Dec 11, 2024
    affected < 1.20.1-150400.3.9.1fixed 1.20.1-150400.3.9.1

    GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_jpeg_dec_negotiate function in gstjpegdec.c. This function does not check for a NULL return value from gst_video_decoder_set_output

  • CVE-2024-47598Dec 11, 2024
    affected < 1.20.1-150400.3.9.1fixed 1.20.1-150400.3.9.1

    GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in the qtdemux_merge_sample_table function within qtdemux.c. The problem is that the size of the stts buffer isn’t properly checked before reading stts_durat

  • CVE-2024-47597Dec 11, 2024
    affected < 1.20.1-150400.3.9.1fixed 1.20.1-150400.3.9.1

    GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been detected in the function qtdemux_parse_samples within qtdemux.c. This issue arises when the function qtdemux_parse_samples reads data beyond the boundaries of the stream->stco buffer

  • CVE-2024-47596Dec 11, 2024
    affected < 1.20.1-150400.3.9.1fixed 1.20.1-150400.3.9.1

    GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in the qtdemux_parse_svq3_stsd_data function within qtdemux.c. In the FOURCC_SMI_ case, seqh_size is read from the input file without proper validation. If seqh_size is gr

  • CVE-2024-47546Dec 11, 2024
    affected < 1.20.1-150400.3.9.1fixed 1.20.1-150400.3.9.1

    GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in extract_cc_from_data function within qtdemux.c. In the FOURCC_c708 case, the subtraction atom_length - 8 may result in an underflow if atom_length is less than 8

  • CVE-2024-47545Dec 11, 2024
    affected < 1.20.1-150400.3.9.1fixed 1.20.1-150400.3.9.1

    GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in qtdemux_parse_trak function within qtdemux.c. During the strf parsing case, the subtraction size -= 40 can lead to a negative integer overflow if it is less than

  • CVE-2024-47544Dec 11, 2024
    affected < 1.20.1-150400.3.9.1fixed 1.20.1-150400.3.9.1

    GStreamer is a library for constructing graphs of media-handling components. The function qtdemux_parse_sbgp in qtdemux.c is affected by a null dereference vulnerability. This vulnerability is fixed in 1.24.10.

  • CVE-2024-47543Dec 11, 2024
    affected < 1.20.1-150400.3.9.1fixed 1.20.1-150400.3.9.1

    GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in qtdemux_parse_container function within qtdemux.c. In the parent function qtdemux_parse_node, the value of length is not well checked. So, if length is bi

  • CVE-2024-47540Dec 11, 2024
    affected < 1.20.1-150400.3.9.1fixed 1.20.1-150400.3.9.1

    GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gst_matroska_demux_add_wvpk_header function within matroska-demux.c. When size < 4, the program calls gst_buffer_unmap with an uni

Page 1 of 2