gst-plugins-bad

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Multimedia graph framework - bad plugins
Version 1.24.10-2 [extra-testing]
1.24.10-1 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1484 1.18.0-2 1.18.0+54+gbd3532008-1 Medium Fixed
AVG-165 1.10.2-1 1.10.3-1 Critical Fixed
AVG-76 1.10.0-1 1.10.2-2 High Fixed
Issue Group Severity Remote Type Description
CVE-2021-3185 AVG-1484 Medium No Arbitrary code execution
A flaw was found in the gstreamer h264 component of gst-plugins-bad before version 1.18.1 where when parsing a h264 header, an attacker could cause the...
CVE-2017-5848 AVG-165 Low Yes Denial of service
An out-of-bounds read has been found in gstreamer before 1.10.3, in gst_ps_demux_parse_psm.
CVE-2017-5843 AVG-165 Critical Yes Arbitrary code execution
A double-free issue has been found in gstreamer before 1.10.3, in gst_mxf_demux_update_essence_tracks.
CVE-2016-9446 AVG-76 Low Yes Information disclosure
An information disclosure vulnerability has been discovered in the render canvas functionality of gst-plugins-bad due to the lack of initializing the...
CVE-2016-9445 AVG-76 High Yes Arbitrary code execution
The vmnc decoder in gst-plugins-bad of the gstreamer code base contains a width * height * depth integer overflow in the allocation of the render buffer...

Advisories

Date Advisory Group Severity Type
03 Feb 2017 ASA-201702-5 AVG-165 Critical multiple issues
02 Jan 2017 ASA-201701-3 AVG-76 High multiple issues