VYPR

rpm package

suse/gstreamer-plugins-good&distro=SUSE Linux Enterprise Module for Basesystem 15 SP7

pkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7

Vulnerabilities (3)

  • CVE-2025-47219HigAug 7, 2025
    affected < 1.24.0-150600.3.7.1fixed 1.24.0-150600.3.7.1

    In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_trak function may read past the end of a heap buffer while parsing an MP4 file, possibly leading to information disclosure.

  • CVE-2025-47183Aug 7, 2025
    affected < 1.24.0-150600.3.7.1fixed 1.24.0-150600.3.7.1

    In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_tree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure.

  • CVE-2024-47540Dec 11, 2024
    affected < 1.24.0-150600.3.7.1fixed 1.24.0-150600.3.7.1

    GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gst_matroska_demux_add_wvpk_header function within matroska-demux.c. When size < 4, the program calls gst_buffer_unmap with an uni