Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 10 results


CVE-2024-4453

Medium priority

Some fixes available 4 of 7

GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is...

2 affected packages

gst-plugins-base0.10, gst-plugins-base1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gst-plugins-base0.10 Not in release Not in release Not in release Needs evaluation
gst-plugins-base1.0 Fixed Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2023-37328

Medium priority

Some fixes available 3 of 6

GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library...

2 affected packages

gst-plugins-base0.10, gst-plugins-base1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gst-plugins-base0.10 Not in release Not in release Not in release Ignored Needs evaluation
gst-plugins-base1.0 Not affected Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2023-37327

Medium priority

Some fixes available 6 of 12

GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is...

4 affected packages

gst-plugins-base0.10, gst-plugins-base1.0, gst-plugins-good0.10, gst-plugins-good1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gst-plugins-base0.10 Not in release Not in release Not in release Ignored Needs evaluation
gst-plugins-base1.0 Not affected Fixed Fixed Needs evaluation Needs evaluation
gst-plugins-good0.10 Not in release Not in release Not in release Ignored Needs evaluation
gst-plugins-good1.0 Not affected Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2021-3522

Medium priority
Fixed

GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.

1 affected packages

gst-plugins-base1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gst-plugins-base1.0 Not affected Fixed Fixed Fixed
Show less packages

CVE-2019-9928

High priority
Fixed

GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution.

2 affected packages

gst-plugins-base0.10, gst-plugins-base1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gst-plugins-base0.10 Not in release Fixed
gst-plugins-base1.0 Fixed Fixed
Show less packages

CVE-2017-5844

Low priority
Fixed

The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted ASF file.

2 affected packages

gst-plugins-base0.10, gst-plugins-base1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gst-plugins-base0.10 Fixed
gst-plugins-base1.0 Fixed
Show less packages

CVE-2017-5842

Low priority
Fixed

The html_context_handle_element function in gst/subparse/samiparse.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted SMI file, as demonstrated...

2 affected packages

gst-plugins-base0.10, gst-plugins-base1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gst-plugins-base0.10 Not affected
gst-plugins-base1.0 Fixed
Show less packages

CVE-2017-5839

Low priority
Fixed

The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service (stack overflow...

2 affected packages

gst-plugins-base0.10, gst-plugins-base1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gst-plugins-base0.10 Not affected
gst-plugins-base1.0 Fixed
Show less packages

CVE-2017-5837

Low priority
Fixed

The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted video file.

2 affected packages

gst-plugins-base0.10, gst-plugins-base1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gst-plugins-base0.10 Fixed
gst-plugins-base1.0 Fixed
Show less packages

CVE-2016-9811

Low priority
Fixed

The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.

2 affected packages

gst-plugins-base0.10, gst-plugins-base1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gst-plugins-base0.10 Fixed
gst-plugins-base1.0 Fixed
Show less packages