Search CVE reports
11 – 17 of 17 results
GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution.
2 affected packages
gst-plugins-base0.10, gst-plugins-base1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gst-plugins-base0.10 | — | — | — | Not in release |
| gst-plugins-base1.0 | — | — | — | Fixed |
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted ASF file.
2 affected packages
gst-plugins-base0.10, gst-plugins-base1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gst-plugins-base0.10 | — | — | — | — |
| gst-plugins-base1.0 | — | — | — | — |
The html_context_handle_element function in gst/subparse/samiparse.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted SMI file, as demonstrated...
2 affected packages
gst-plugins-base0.10, gst-plugins-base1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gst-plugins-base0.10 | — | — | — | — |
| gst-plugins-base1.0 | — | — | — | — |
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service (stack overflow...
2 affected packages
gst-plugins-base0.10, gst-plugins-base1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gst-plugins-base0.10 | — | — | — | — |
| gst-plugins-base1.0 | — | — | — | — |
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted video file.
2 affected packages
gst-plugins-base0.10, gst-plugins-base1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gst-plugins-base0.10 | — | — | — | — |
| gst-plugins-base1.0 | — | — | — | — |
The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.
2 affected packages
gst-plugins-base0.10, gst-plugins-base1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gst-plugins-base0.10 | — | — | — | — |
| gst-plugins-base1.0 | — | — | — | — |
Integer overflow in the gst_vorbis_tag_add_coverart function (gst-libs/gst/tag/gstvorbistag.c) in vorbistag in gst-plugins-base (aka gstreamer-plugins-base) before 0.10.23 in GStreamer allows context-dependent attackers to execute...
1 affected package
gst-plugins-base0.10
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gst-plugins-base0.10 | — | — | — | — |