Количество 11
Количество 11
CVE-2024-47596
GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in the qtdemux_parse_svq3_stsd_data function within qtdemux.c. In the FOURCC_SMI_ case, seqh_size is read from the input file without proper validation. If seqh_size is greater than the remaining size of the data buffer, it can lead to an OOB-read in the following call to gst_buffer_fill, which internally uses memcpy. This vulnerability can result in reading up to 4GB of process memory or potentially causing a segmentation fault (SEGV) when accessing invalid memory. This vulnerability is fixed in 1.24.10.
CVE-2024-47596
GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in the qtdemux_parse_svq3_stsd_data function within qtdemux.c. In the FOURCC_SMI_ case, seqh_size is read from the input file without proper validation. If seqh_size is greater than the remaining size of the data buffer, it can lead to an OOB-read in the following call to gst_buffer_fill, which internally uses memcpy. This vulnerability can result in reading up to 4GB of process memory or potentially causing a segmentation fault (SEGV) when accessing invalid memory. This vulnerability is fixed in 1.24.10.
CVE-2024-47596
GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in the qtdemux_parse_svq3_stsd_data function within qtdemux.c. In the FOURCC_SMI_ case, seqh_size is read from the input file without proper validation. If seqh_size is greater than the remaining size of the data buffer, it can lead to an OOB-read in the following call to gst_buffer_fill, which internally uses memcpy. This vulnerability can result in reading up to 4GB of process memory or potentially causing a segmentation fault (SEGV) when accessing invalid memory. This vulnerability is fixed in 1.24.10.
CVE-2024-47596
GStreamer is a library for constructing graphs of media-handling compo ...
BDU:2025-00877
Уязвимость функции qtdemux_parse_svq3_stsd_data мультимедийного фреймворка Gstreamer, позволяющая нарушителю выполнить произвольный код
ELSA-2025-7242
ELSA-2025-7242: gstreamer1-plugins-good security update (MODERATE)
SUSE-SU-2025:0063-1
Security update for gstreamer-plugins-good
SUSE-SU-2025:0067-1
Security update for gstreamer-plugins-good
SUSE-SU-2025:0064-1
Security update for gstreamer-plugins-good
SUSE-SU-2025:0055-1
Security update for gstreamer-plugins-good
ROS-20250121-12
Множественные уязвимости gstreamer1-plugins-good
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-47596 GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in the qtdemux_parse_svq3_stsd_data function within qtdemux.c. In the FOURCC_SMI_ case, seqh_size is read from the input file without proper validation. If seqh_size is greater than the remaining size of the data buffer, it can lead to an OOB-read in the following call to gst_buffer_fill, which internally uses memcpy. This vulnerability can result in reading up to 4GB of process memory or potentially causing a segmentation fault (SEGV) when accessing invalid memory. This vulnerability is fixed in 1.24.10. | CVSS3: 7.5 | 0% Низкий | 6 месяцев назад |
 | CVE-2024-47596 GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in the qtdemux_parse_svq3_stsd_data function within qtdemux.c. In the FOURCC_SMI_ case, seqh_size is read from the input file without proper validation. If seqh_size is greater than the remaining size of the data buffer, it can lead to an OOB-read in the following call to gst_buffer_fill, which internally uses memcpy. This vulnerability can result in reading up to 4GB of process memory or potentially causing a segmentation fault (SEGV) when accessing invalid memory. This vulnerability is fixed in 1.24.10. | CVSS3: 5.1 | 0% Низкий | 6 месяцев назад |
 | CVE-2024-47596 GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in the qtdemux_parse_svq3_stsd_data function within qtdemux.c. In the FOURCC_SMI_ case, seqh_size is read from the input file without proper validation. If seqh_size is greater than the remaining size of the data buffer, it can lead to an OOB-read in the following call to gst_buffer_fill, which internally uses memcpy. This vulnerability can result in reading up to 4GB of process memory or potentially causing a segmentation fault (SEGV) when accessing invalid memory. This vulnerability is fixed in 1.24.10. | CVSS3: 7.5 | 0% Низкий | 6 месяцев назад |
| CVE-2024-47596 GStreamer is a library for constructing graphs of media-handling compo ... | CVSS3: 7.5 | 0% Низкий | 6 месяцев назад |
 | BDU:2025-00877 Уязвимость функции qtdemux_parse_svq3_stsd_data мультимедийного фреймворка Gstreamer, позволяющая нарушителю выполнить произвольный код | CVSS3: 7.5 | 0% Низкий | 6 месяцев назад |
| ELSA-2025-7242 ELSA-2025-7242: gstreamer1-plugins-good security update (MODERATE) | около 1 месяца назад | ||
 | SUSE-SU-2025:0063-1 Security update for gstreamer-plugins-good | 5 месяцев назад | ||
| SUSE-SU-2025:0067-1 Security update for gstreamer-plugins-good | 5 месяцев назад | ||
| SUSE-SU-2025:0064-1 Security update for gstreamer-plugins-good | 5 месяцев назад | ||
| SUSE-SU-2025:0055-1 Security update for gstreamer-plugins-good | 5 месяцев назад | ||
 | ROS-20250121-12 Множественные уязвимости gstreamer1-plugins-good | CVSS3: 9.8 | 5 месяцев назад |
Уязвимостей на страницу