VYPR

Gstreamer

by Gstreamer

Source repositories

CVEs (105)

  • CVE-2024-47543Dec 11, 2024
    risk 0.00cvss epss 0.01

    GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in qtdemux_parse_container function within qtdemux.c. In the parent function qtdemux_parse_node, the value of length is not well checked. So, if length is…

  • CVE-2024-47542Dec 11, 2024
    risk 0.00cvss epss 0.01

    GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2_read_synch_uint function, located in id3v2.c. If id3v2_read_synch_uint is called with a null work->hdr.frame_data, the pointer guint8 *data is…

  • CVE-2024-47541Dec 11, 2024
    risk 0.00cvss epss 0.01

    GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gst_ssa_parse_remove_override_codes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA (SubStation Alpha)…

  • CVE-2024-47540Dec 11, 2024
    risk 0.00cvss epss 0.01

    GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gst_matroska_demux_add_wvpk_header function within matroska-demux.c. When size < 4, the program calls gst_buffer_unmap with an…

  • CVE-2024-47539Dec 11, 2024
    risk 0.00cvss epss 0.01

    GStreamer is a library for constructing graphs of media-handling components. An out-of-bounds write vulnerability was identified in the convert_to_s334_1a function in isomp4/qtdemux.c. The vulnerability arises due to a discrepancy between the size of memory allocated to the…

  • CVE-2024-47538Dec 11, 2024
    risk 0.00cvss epss 0.01

    GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the `vorbis_handle_identification_packet` function within `gstvorbisdec.c`. The position array is a stack-allocated buffer of size 64. If vd->vi.channels…

  • CVE-2024-47537Dec 11, 2024
    risk 0.00cvss epss 0.01

    GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream->samples to accommodate stream->n_samples + samples_count elements of type QtDemuxSample. The problem is that samples_count is read…

  • CVE-2024-0444Jun 7, 2024
    risk 0.00cvss epss 0.02

    GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but…

  • CVE-2024-4453May 22, 2024
    risk 0.00cvss epss 0.02

    GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…

  • CVE-2023-44446May 3, 2024
    risk 0.00cvss epss 0.02

    GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors…

  • CVE-2023-44429May 3, 2024
    risk 0.00cvss epss 0.02

    GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but…

  • CVE-2023-40476May 3, 2024
    risk 0.00cvss epss 0.02

    GStreamer H265 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…

  • CVE-2023-40475May 3, 2024
    risk 0.00cvss epss 0.02

    GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…

  • CVE-2023-40474May 3, 2024
    risk 0.00cvss epss 0.02

    GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…

  • CVE-2023-38104May 3, 2024
    risk 0.00cvss epss 0.01

    GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…

  • CVE-2023-37327May 3, 2024
    risk 0.00cvss epss 0.02

    GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…

  • CVE-2022-1923Jul 19, 2022
    risk 0.00cvss epss 0.00

    DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS…

  • CVE-2022-2122Jul 19, 2022
    risk 0.00cvss epss 0.00

    DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities,…

  • CVE-2022-1925Jul 19, 2022
    risk 0.00cvss epss 0.00

    DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gst_matroska_decompress_data function which causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can't be…

  • CVE-2022-1920Jul 19, 2022
    risk 0.00cvss epss 0.00

    Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap overwrite.

Page 5 of 6