rpm package

suse/gstreamer-plugins-good&distro=SUSE Linux Enterprise Server 15 SP1-LTSS

pkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS

Vulnerabilities (9)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2023-37327	—	< 1.12.5-150000.3.7.2	1.12.5-150000.3.7.2	May 3, 2024	GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vector
CVE-2022-1924	—	< 1.12.5-150000.3.7.2	1.12.5-150000.3.7.2	Jul 19, 2022	DOS / potential heap overwrite in mkv demuxing using lzo decompression. Integer overflow in matroskademux element in lzo decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS ca
CVE-2022-1923	—	< 1.12.5-150000.3.7.2	1.12.5-150000.3.7.2	Jul 19, 2022	DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS
CVE-2022-2122	—	< 1.12.5-150000.3.7.2	1.12.5-150000.3.7.2	Jul 19, 2022	DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities,
CVE-2022-1925	—	< 1.12.5-150000.3.7.2	1.12.5-150000.3.7.2	Jul 19, 2022	DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gst_matroska_decompress_data function which causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can't be
CVE-2022-1922	—	< 1.12.5-150000.3.7.2	1.12.5-150000.3.7.2	Jul 19, 2022	DOS / potential heap overwrite in mkv demuxing using zlib decompression. Integer overflow in matroskademux element in gst_matroska_decompress_data function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the unde
CVE-2022-1920	—	< 1.12.5-150000.3.7.2	1.12.5-150000.3.7.2	Jul 19, 2022	Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap overwrite.
CVE-2022-1921	—	< 1.12.5-150000.3.7.2	1.12.5-150000.3.7.2	Jul 19, 2022	Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. Potential for arbitrary code execution through heap overwrite.
CVE-2021-3497	—	< 1.12.5-150000.3.7.2	1.12.5-150000.3.7.2	Apr 19, 2021	GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files.

CVE-2023-37327May 3, 2024
affected < 1.12.5-150000.3.7.2fixed 1.12.5-150000.3.7.2
GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vector
CVE-2022-1924Jul 19, 2022
affected < 1.12.5-150000.3.7.2fixed 1.12.5-150000.3.7.2
DOS / potential heap overwrite in mkv demuxing using lzo decompression. Integer overflow in matroskademux element in lzo decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS ca
CVE-2022-1923Jul 19, 2022
affected < 1.12.5-150000.3.7.2fixed 1.12.5-150000.3.7.2
DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS
CVE-2022-2122Jul 19, 2022
affected < 1.12.5-150000.3.7.2fixed 1.12.5-150000.3.7.2
DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities,
CVE-2022-1925Jul 19, 2022
affected < 1.12.5-150000.3.7.2fixed 1.12.5-150000.3.7.2
DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gst_matroska_decompress_data function which causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can't be
CVE-2022-1922Jul 19, 2022
affected < 1.12.5-150000.3.7.2fixed 1.12.5-150000.3.7.2
DOS / potential heap overwrite in mkv demuxing using zlib decompression. Integer overflow in matroskademux element in gst_matroska_decompress_data function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the unde
CVE-2022-1920Jul 19, 2022
affected < 1.12.5-150000.3.7.2fixed 1.12.5-150000.3.7.2
Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap overwrite.
CVE-2022-1921Jul 19, 2022
affected < 1.12.5-150000.3.7.2fixed 1.12.5-150000.3.7.2
Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. Potential for arbitrary code execution through heap overwrite.
CVE-2021-3497Apr 19, 2021
affected < 1.12.5-150000.3.7.2fixed 1.12.5-150000.3.7.2
GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files.