Search CVE reports
11 – 16 of 16 results
CVE-2017-5843
Low prioritySome fixes available 1 of 5
Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_update_essence_tracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service...
2 affected packages
gst-plugins-bad0.10, gst-plugins-bad1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gst-plugins-bad0.10 | Not in release | Not in release | Not in release | Not in release | Not in release |
| gst-plugins-bad1.0 | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2016-9446
Medium priorityThe vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated...
2 affected packages
gst-plugins-bad0.10, gst-plugins-bad1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gst-plugins-bad0.10 | — | — | — | — | Not in release |
| gst-plugins-bad1.0 | — | — | — | — | Fixed |
CVE-2016-9445
Medium priorityInteger overflow in the vmnc decoder in the gstreamer allows remote attackers to cause a denial of service (crash) via large width and height values, which triggers a buffer overflow.
2 affected packages
gst-plugins-bad0.10, gst-plugins-bad1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gst-plugins-bad0.10 | — | — | — | — | Not in release |
| gst-plugins-bad1.0 | — | — | — | — | Fixed |
CVE-2016-9813
Low prioritySome fixes available 16 of 19
The _parse_pat function in the mpegts parser in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
2 affected packages
gst-plugins-bad0.10, gst-plugins-bad1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gst-plugins-bad0.10 | Not in release | Not in release | Not in release | Not in release | Not in release |
| gst-plugins-bad1.0 | Fixed | Fixed | Fixed | Fixed | Vulnerable |
CVE-2016-9812
Low prioritySome fixes available 16 of 19
The gst_mpegts_section_new function in the mpegts decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a too small section.
2 affected packages
gst-plugins-bad0.10, gst-plugins-bad1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gst-plugins-bad0.10 | Not in release | Not in release | Not in release | Not in release | Not in release |
| gst-plugins-bad1.0 | Fixed | Fixed | Fixed | Fixed | Vulnerable |
CVE-2016-9809
Low prioritySome fixes available 17 of 21
Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read.
2 affected packages
gst-plugins-bad0.10, gst-plugins-bad1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gst-plugins-bad0.10 | Not in release | Not in release | Not in release | Not in release | Not in release |
| gst-plugins-bad1.0 | Fixed | Fixed | Fixed | Fixed | Vulnerable |