Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2024-47599

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 12 Π΄Π΅ΠΊ. 2024
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: ubuntu
ΠŸΡ€ΠΈΠΎΡ€ΠΈΡ‚Π΅Ρ‚: medium
EPSS Низкий
CVSS3: 7.5

ОписаниС

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_jpeg_dec_negotiate function in gstjpegdec.c. This function does not check for a NULL return value from gst_video_decoder_set_output_state. When this happens, dereferences of the outstate pointer will lead to a null pointer dereference. This vulnerability can result in a Denial of Service (DoS) by triggering a segmentation fault (SEGV). This vulnerability is fixed in 1.24.10.

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
devel

DNE

esm-apps/xenial

needs-triage

esm-infra/focal

DNE

focal

DNE

jammy

DNE

noble

DNE

oracular

DNE

plucky

DNE

upstream

needs-triage

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
devel

not-affected

1.24.10-1ubuntu1
esm-infra/bionic

needs-triage

esm-infra/focal

not-affected

1.16.3-0ubuntu1.3
esm-infra/xenial

needs-triage

focal

released

1.16.3-0ubuntu1.3
jammy

released

1.20.3-0ubuntu1.3
noble

released

1.24.2-1ubuntu1.1
oracular

released

1.24.8-1ubuntu1.1
plucky

not-affected

1.24.10-1ubuntu1
upstream

released

1.24.10-1

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Бсылки Π½Π° источники

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 50%
0.00268
Низкий

7.5 High

CVSS3

БвязанныС уязвимости

redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2024-47599

CVSS3: 5.5
redhat
6 мСсяцСв Π½Π°Π·Π°Π΄

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_jpeg_dec_negotiate function in gstjpegdec.c. This function does not check for a NULL return value from gst_video_decoder_set_output_state. When this happens, dereferences of the outstate pointer will lead to a null pointer dereference. This vulnerability can result in a Denial of Service (DoS) by triggering a segmentation fault (SEGV). This vulnerability is fixed in 1.24.10.

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2024-47599

CVSS3: 7.5
nvd
6 мСсяцСв Π½Π°Π·Π°Π΄

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_jpeg_dec_negotiate function in gstjpegdec.c. This function does not check for a NULL return value from gst_video_decoder_set_output_state. When this happens, dereferences of the outstate pointer will lead to a null pointer dereference. This vulnerability can result in a Denial of Service (DoS) by triggering a segmentation fault (SEGV). This vulnerability is fixed in 1.24.10.

debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2024-47599

CVSS3: 7.5
debian
6 мСсяцСв Π½Π°Π·Π°Π΄

GStreamer is a library for constructing graphs of media-handling compo ...

fstec Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

BDU:2025-00874

CVSS3: 7.5
fstec
6 мСсяцСв Π½Π°Π·Π°Π΄

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ Ρ„ΡƒΠ½ΠΊΡ†ΠΈΠΈ gst_jpeg_dec_negotiate ΠΌΡƒΠ»ΡŒΡ‚ΠΈΠΌΠ΅Π΄ΠΈΠΉΠ½ΠΎΠ³ΠΎ Ρ„Ρ€Π΅ΠΉΠΌΠ²ΠΎΡ€ΠΊΠ° Gstreamer, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡŽΡ‰Π°Ρ Π½Π°Ρ€ΡƒΡˆΠΈΡ‚Π΅Π»ΡŽ Π²Ρ‹Π·Π²Π°Ρ‚ΡŒ ΠΎΡ‚ΠΊΠ°Π· Π² обслуТивании

oracle-oval Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

ELSA-2025-7242

oracle-oval
ΠΎΠΊΠΎΠ»ΠΎ 1 мСсяца Π½Π°Π·Π°Π΄

ELSA-2025-7242: gstreamer1-plugins-good security update (MODERATE)

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 50%
0.00268
Низкий

7.5 High

CVSS3

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ CVE-2024-47599