gst-plugins-bad

Link	package \| bugs open \| bugs closed \| Wiki \| GitHub \| web search
Description	Multimedia graph framework - bad plugins
Version	1.24.9-3 [extra]

Resolved

Group	Affected	Fixed	Severity	Status	Ticket
AVG-1484	1.18.0-2	1.18.0+54+gbd3532008-1	Medium	Fixed
AVG-165	1.10.2-1	1.10.3-1	Critical	Fixed
AVG-76	1.10.0-1	1.10.2-2	High	Fixed

Issue	Group	Severity	Remote	Type	Description
CVE-2021-3185	AVG-1484	Medium	No	Arbitrary code execution	A flaw was found in the gstreamer h264 component of gst-plugins-bad before version 1.18.1 where when parsing a h264 header, an attacker could cause the...
CVE-2017-5848	AVG-165	Low	Yes	Denial of service	An out-of-bounds read has been found in gstreamer before 1.10.3, in gst_ps_demux_parse_psm.
CVE-2017-5843	AVG-165	Critical	Yes	Arbitrary code execution	A double-free issue has been found in gstreamer before 1.10.3, in gst_mxf_demux_update_essence_tracks.
CVE-2016-9446	AVG-76	Low	Yes	Information disclosure	An information disclosure vulnerability has been discovered in the render canvas functionality of gst-plugins-bad due to the lack of initializing the...
CVE-2016-9445	AVG-76	High	Yes	Arbitrary code execution	The vmnc decoder in gst-plugins-bad of the gstreamer code base contains a width * height * depth integer overflow in the allocation of the render buffer...

Advisories

Date	Advisory	Group	Severity	Type
03 Feb 2017	ASA-201702-5	AVG-165	Critical	multiple issues
02 Jan 2017	ASA-201701-3	AVG-76	High	multiple issues