Search CVE reports
31 – 40 of 45 results
Some fixes available 4 of 5
Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. Potential for arbitrary code execution through heap overwrite.
1 affected package
gst-plugins-good1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gst-plugins-good1.0 | — | Fixed | Fixed | Fixed |
Some fixes available 4 of 5
Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap overwrite.
1 affected package
gst-plugins-good1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gst-plugins-good1.0 | — | Fixed | Fixed | Fixed |
GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files.
1 affected package
gst-plugins-good1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gst-plugins-good1.0 | — | — | Fixed | Fixed |
GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files.
1 affected package
gst-plugins-good1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gst-plugins-good1.0 | — | — | Fixed | Fixed |
The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a ncdt sub-tag that "goes...
2 affected packages
gst-plugins-good0.10, gst-plugins-good1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gst-plugins-good0.10 | — | — | — | — |
| gst-plugins-good1.0 | — | — | — | — |
The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving ncdt tags.
2 affected packages
gst-plugins-good0.10, gst-plugins-good1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gst-plugins-good0.10 | — | — | — | — |
| gst-plugins-good1.0 | — | — | — | — |
The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving the current stts index.
2 affected packages
gst-plugins-good0.10, gst-plugins-good1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gst-plugins-good0.10 | — | — | — | — |
| gst-plugins-good1.0 | — | — | — | — |
The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted tag value.
2 affected packages
gst-plugins-good0.10, gst-plugins-good1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gst-plugins-good0.10 | — | — | — | — |
| gst-plugins-good1.0 | — | — | — | — |
The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted audio file.
2 affected packages
gst-plugins-good0.10, gst-plugins-good1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gst-plugins-good0.10 | — | — | — | — |
| gst-plugins-good1.0 | — | — | — | — |
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application...
2 affected packages
gst-plugins-good1.0, gst-plugins-good0.10
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gst-plugins-good1.0 | — | — | — | — |
| gst-plugins-good0.10 | — | — | — | — |