Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-47775 (GCVE-0-2024-47775)
Vulnerability from cvelistv5 – Published: 2024-12-11 19:15 – Updated: 2025-11-03 20:40
VLAI
EPSS
Title
GHSL-2024-261: GStreamer has an OOB-read in parse_ds64
Summary
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse_ds64 function within gstwavparse.c. The parse_ds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multiple GST_READ_UINT32_LE operations without performing boundary checks. This can lead to an OOB-read when buf is smaller than expected. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://securitylab.github.com/advisories/GHSL-20… | x_refsource_CONFIRM |
| https://gitlab.freedesktop.org/gstreamer/gstreame… | x_refsource_MISC |
| https://gstreamer.freedesktop.org/security/sa-202… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2025… |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47775",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-11T21:06:26.150191Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T21:06:33.799Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:40:47.081Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00035.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "gstreamer",
"vendor": "gstreamer",
"versions": [
{
"status": "affected",
"version": "\u003c 1.24.10"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse_ds64 function within gstwavparse.c. The parse_ds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multiple GST_READ_UINT32_LE operations without performing boundary checks. This can lead to an OOB-read when buf is smaller than expected. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T19:15:44.607Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://securitylab.github.com/advisories/GHSL-2024-261_Gstreamer/",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://securitylab.github.com/advisories/GHSL-2024-261_Gstreamer/"
},
{
"name": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch",
"tags": [
"x_refsource_MISC"
],
"url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch"
},
{
"name": "https://gstreamer.freedesktop.org/security/sa-2024-0027.html",
"tags": [
"x_refsource_MISC"
],
"url": "https://gstreamer.freedesktop.org/security/sa-2024-0027.html"
}
],
"source": {
"advisory": "GHSA-hxxw-2g39-jv2p",
"discovery": "UNKNOWN"
},
"title": "GHSL-2024-261: GStreamer has an OOB-read in parse_ds64"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-47775",
"datePublished": "2024-12-11T19:15:44.607Z",
"dateReserved": "2024-09-30T21:28:53.234Z",
"dateUpdated": "2025-11-03T20:40:47.081Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-47775",
"date": "2026-06-03",
"epss": "0.0024",
"percentile": "0.47179"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-47775\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-12-12T02:03:40.430\",\"lastModified\":\"2026-03-17T15:52:33.870\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse_ds64 function within gstwavparse.c. The parse_ds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multiple GST_READ_UINT32_LE operations without performing boundary checks. This can lead to an OOB-read when buf is smaller than expected. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10.\"},{\"lang\":\"es\",\"value\":\"GStreamer es una librer\u00eda para construir gr\u00e1ficos de componentes de manejo de medios. Se ha encontrado una vulnerabilidad de lectura OOB en la funci\u00f3n parse_ds64 dentro de gstwavparse.c. La funci\u00f3n parse_ds64 no verifica que el b\u00fafer buf contenga datos suficientes antes de intentar leer de \u00e9l, y realiza m\u00faltiples operaciones GST_READ_UINT32_LE sin realizar verificaciones de los l\u00edmites. Esto puede provocar una lectura OOB cuando buf es m\u00e1s peque\u00f1o de lo esperado. Esta vulnerabilidad permite leer m\u00e1s all\u00e1 de los l\u00edmites del b\u00fafer de datos, lo que puede provocar un bloqueo (denegaci\u00f3n de servicio) o la fuga de datos confidenciales. Esta vulnerabilidad se corrigi\u00f3 en la versi\u00f3n 1.24.10.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":5.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"LOW\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gstreamer:gstreamer:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.24.10\",\"matchCriteriaId\":\"1B92A50A-2A86-49C9-9E3E-CE01EBC1987B\"}]}]}],\"references\":[{\"url\":\"https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://gstreamer.freedesktop.org/security/sa-2024-0027.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://securitylab.github.com/advisories/GHSL-2024-261_Gstreamer/\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/02/msg00035.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-47775\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-12-11T21:06:26.150191Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-12-11T21:06:30.687Z\"}}], \"cna\": {\"title\": \"GHSL-2024-261: GStreamer has an OOB-read in parse_ds64\", \"source\": {\"advisory\": \"GHSA-hxxw-2g39-jv2p\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 5.1, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"LOW\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"LOW\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"gstreamer\", \"product\": \"gstreamer\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 1.24.10\"}]}], \"references\": [{\"url\": \"https://securitylab.github.com/advisories/GHSL-2024-261_Gstreamer/\", \"name\": \"https://securitylab.github.com/advisories/GHSL-2024-261_Gstreamer/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch\", \"name\": \"https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://gstreamer.freedesktop.org/security/sa-2024-0027.html\", \"name\": \"https://gstreamer.freedesktop.org/security/sa-2024-0027.html\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse_ds64 function within gstwavparse.c. The parse_ds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multiple GST_READ_UINT32_LE operations without performing boundary checks. This can lead to an OOB-read when buf is smaller than expected. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-125\", \"description\": \"CWE-125: Out-of-bounds Read\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-12-11T19:15:44.607Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-47775\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-12-11T21:06:33.799Z\", \"dateReserved\": \"2024-09-30T21:28:53.234Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-12-11T19:15:44.607Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
alsa-2025:7242
Vulnerability from osv_almalinux
Published
2025-05-13 00:00
Modified
2025-07-02 13:13
Summary
Moderate: gstreamer1-plugins-good security update
Details
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license.
Security Fix(es):
- gstreamer1-plugins-good: OOB-read in qtdemux_parse_container (CVE-2024-47543)
- gstreamer1-plugins-good: GStreamer has an OOB-read in gst_avi_subtitle_parse_gab2_chunk (CVE-2024-47774)
- gstreamer1-plugins-good: OOB-read in gst_wavparse_smpl_chunk (CVE-2024-47777)
- gstreamer1-plugins-good: OOB-read in gst_wavparse_adtl_chunk (CVE-2024-47778)
- gstreamer1-plugins-good: OOB-read in parse_ds64 (CVE-2024-47775)
- gstreamer1-plugins-good: OOB-read in FOURCC_SMI_ parsing (CVE-2024-47596)
- gstreamer1-plugins-good: insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences (CVE-2024-47599)
- gstreamer1-plugins-good: Use-After-Free read in Matroska CodecPrivate (CVE-2024-47834)
- gstreamer1-plugins-good: OOB-read in gst_wavparse_cue_chunk (CVE-2024-47776)
- gstreamer1-plugins-good: NULL-pointer dereferences in MP4/MOV demuxer CENC handling (CVE-2024-47544)
- gstreamer1-plugins-good: NULL-pointer dereference in Matroska/WebM demuxer (CVE-2024-47601)
- gstreamer1-plugins-good: OOB-read in qtdemux_parse_samples (CVE-2024-47597)
- gstreamer1-plugins-good: integer underflow in extract_cc_from_data leading to OOB-read (CVE-2024-47546)
- gstreamer1-plugins-good: NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer (CVE-2024-47602)
- gstreamer1-plugins-good: OOB-read in qtdemux_merge_sample_table (CVE-2024-47598)
- gstreamer1-plugins-good: NULL-pointer dereference in Matroska/WebM demuxer (CVE-2024-47603)
- gstreamer1-plugins-good: integer underflow in FOURCC_strf parsing leading to OOB-read (CVE-2024-47545)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinuxRelease Notes linked from the References section.
References
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "gstreamer1-plugins-good"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.22.12-4.el9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "gstreamer1-plugins-good-gtk"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.22.12-4.el9"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. \n\nSecurity Fix(es): \n\n * gstreamer1-plugins-good: OOB-read in qtdemux_parse_container (CVE-2024-47543)\n * gstreamer1-plugins-good: GStreamer has an OOB-read in gst_avi_subtitle_parse_gab2_chunk (CVE-2024-47774)\n * gstreamer1-plugins-good: OOB-read in gst_wavparse_smpl_chunk (CVE-2024-47777)\n * gstreamer1-plugins-good: OOB-read in gst_wavparse_adtl_chunk (CVE-2024-47778)\n * gstreamer1-plugins-good: OOB-read in parse_ds64 (CVE-2024-47775)\n * gstreamer1-plugins-good: OOB-read in FOURCC_SMI_ parsing (CVE-2024-47596)\n * gstreamer1-plugins-good: insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences (CVE-2024-47599)\n * gstreamer1-plugins-good: Use-After-Free read in Matroska CodecPrivate (CVE-2024-47834)\n * gstreamer1-plugins-good: OOB-read in gst_wavparse_cue_chunk (CVE-2024-47776)\n * gstreamer1-plugins-good: NULL-pointer dereferences in MP4/MOV demuxer CENC handling (CVE-2024-47544)\n * gstreamer1-plugins-good: NULL-pointer dereference in Matroska/WebM demuxer (CVE-2024-47601)\n * gstreamer1-plugins-good: OOB-read in qtdemux_parse_samples (CVE-2024-47597)\n * gstreamer1-plugins-good: integer underflow in extract_cc_from_data leading to OOB-read (CVE-2024-47546)\n * gstreamer1-plugins-good: NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer (CVE-2024-47602)\n * gstreamer1-plugins-good: OOB-read in qtdemux_merge_sample_table (CVE-2024-47598)\n * gstreamer1-plugins-good: NULL-pointer dereference in Matroska/WebM demuxer (CVE-2024-47603)\n * gstreamer1-plugins-good: integer underflow in FOURCC_strf parsing leading to OOB-read (CVE-2024-47545)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. \n\nAdditional Changes: \n\nFor detailed information on changes in this release, see the AlmaLinuxRelease Notes linked from the References section.\n",
"id": "ALSA-2025:7242",
"modified": "2025-07-02T13:13:21Z",
"published": "2025-05-13T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2025:7242"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-47543"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-47544"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-47545"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-47546"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-47596"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-47597"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-47598"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-47599"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-47601"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-47602"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-47603"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-47774"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-47775"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-47776"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-47777"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-47778"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-47834"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2331723"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2331739"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2331741"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2331743"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2331744"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2331747"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2331748"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2331749"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2331750"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2331751"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2331752"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2331755"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2331756"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2331759"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2331761"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2331762"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2331763"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2025-7242.html"
}
],
"related": [
"CVE-2024-47543",
"CVE-2024-47774",
"CVE-2024-47777",
"CVE-2024-47778",
"CVE-2024-47775",
"CVE-2024-47596",
"CVE-2024-47599",
"CVE-2024-47834",
"CVE-2024-47776",
"CVE-2024-47544",
"CVE-2024-47601",
"CVE-2024-47597",
"CVE-2024-47546",
"CVE-2024-47602",
"CVE-2024-47598",
"CVE-2024-47603",
"CVE-2024-47545"
],
"summary": "Moderate: gstreamer1-plugins-good security update"
}
Title
Уязвимость функции parse_ds64 мультимедийного фреймворка Gstreamer, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость функции parse_ds64 мультимедийного фреймворка Gstreamer связана с чтением за пределами допустимого диапазона в памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании
Vendor
Сообщество свободного программного обеспечения, ООО «Ред Софт», ООО «РусБИТех-Астра», Red Hat Inc., Сообщество GStreamer, АО "НППКТ", ООО «НЦПР», ООО «Открытая мобильная платформа»
Software Name
Debian GNU/Linux, РЕД ОС (запись в едином реестре российских программ №3751), Astra Linux Special Edition (запись в едином реестре российских программ №369), Red Hat Enterprise Linux, Gstreamer, ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913), МСВСфера, ОС Аврора (запись в едином реестре российских программ №1543)
Software Version
11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 7.3 (РЕД ОС), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), 9 (Red Hat Enterprise Linux), 1.8 (Astra Linux Special Edition), до 1.24.10 (Gstreamer), до 2.13 (ОСОН ОСнова Оnyx), 9.5 (МСВСфера), до 5.1.5 включительно (ОС Аврора)
Possible Mitigations
В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года.
Использование рекомендаций:
Для GStreamer:
https://gstreamer.freedesktop.org/security/sa-2024-0027.html
Для программных продуктов Red Hat Inc.:
https://access.redhat.com/security/cve/cve-2024-47775
Для Debian GNU/Linux:
https://ubuntu.com/security/CVE-2024-47775
Для РЕД ОС:
https://redos.red-soft.ru/support/secure/uyazvimosti/mnozhestvennye-uyazvimosti-gstreamer1-plugins-good/?sphrase_id=641091
Обновление программного обеспечения gst-plugins-good1.0 до версии 1.18.4-2+deb11u3
Для ОС Astra Linux:
обновить пакет gst-plugins-good1.0 до 1.22.1-1ubuntu1.2astra2 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18
Для МСВСфера: https://errata.msvsphere-os.ru/definition/9/INFCSA-2025:7242?lang=ru
Для ОС Astra Linux:
обновить пакет gst-plugins-good1.0 до 1.18.4-1astra4 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-1202SE17
Для ОС Astra Linux:
обновить пакет gst-plugins-good1.0 до 1.18.4-1astra4 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-1216SE47
Для ОС Аврора: https://cve.omp.ru/bb30515
Reference
https://security-tracker.debian.org/tracker/CVE-2024-47775
https://access.redhat.com/security/cve/cve-2024-47775
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch
https://gstreamer.freedesktop.org/security/sa-2024-0027.html
https://securitylab.github.com/advisories/GHSL-2024-261_Gstreamer/
https://redos.red-soft.ru/support/secure/uyazvimosti/mnozhestvennye-uyazvimosti-gstreamer1-plugins-good/?sphrase_id=641091
https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.13/
https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18
https://errata.msvsphere-os.ru/definition/9/INFCSA-2025:7242?lang=ru
https://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-1202SE17
https://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-1216SE106
https://cve.omp.ru/bb30515
CWE
CWE-125
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"CVSS 4.0": "AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N",
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Red Hat Inc., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e GStreamer, \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\", \u041e\u041e\u041e \u00ab\u041d\u0426\u041f\u0420\u00bb, \u041e\u041e\u041e \u00ab\u041e\u0442\u043a\u0440\u044b\u0442\u0430\u044f \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u00bb",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 7.3 (\u0420\u0415\u0414 \u041e\u0421), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), 9 (Red Hat Enterprise Linux), 1.8 (Astra Linux Special Edition), \u0434\u043e 1.24.10 (Gstreamer), \u0434\u043e 2.13 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx), 9.5 (\u041c\u0421\u0412\u0421\u0444\u0435\u0440\u0430), \u0434\u043e 5.1.5 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (\u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f GStreamer:\nhttps://gstreamer.freedesktop.org/security/sa-2024-0027.html\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/cve-2024-47775\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://ubuntu.com/security/CVE-2024-47775\n\n\u0414\u043b\u044f \u0420\u0415\u0414 \u041e\u0421:\nhttps://redos.red-soft.ru/support/secure/uyazvimosti/mnozhestvennye-uyazvimosti-gstreamer1-plugins-good/?sphrase_id=641091\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f gst-plugins-good1.0 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 1.18.4-2+deb11u3\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 gst-plugins-good1.0 \u0434\u043e 1.22.1-1ubuntu1.2astra2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18\n\n\u0414\u043b\u044f \u041c\u0421\u0412\u0421\u0444\u0435\u0440\u0430: https://errata.msvsphere-os.ru/definition/9/INFCSA-2025:7242?lang=ru\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 gst-plugins-good1.0 \u0434\u043e 1.18.4-1astra4 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-1202SE17\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 gst-plugins-good1.0 \u0434\u043e 1.18.4-1astra4 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-1216SE47\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430: https://cve.omp.ru/bb30515",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "03.10.2024",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "20.01.2026",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "19.12.2024",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-11329",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-47775",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Enterprise Linux, Gstreamer, \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), \u041c\u0421\u0412\u0421\u0444\u0435\u0440\u0430, \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161543)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Inc. Red Hat Enterprise Linux 9 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.8 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\" \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx \u0434\u043e 2.13 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), \u041e\u041e\u041e \u00ab\u041d\u0426\u041f\u0420\u00bb \u041c\u0421\u0412\u0421\u0444\u0435\u0440\u0430 9.5 , \u041e\u041e\u041e \u00ab\u041e\u0442\u043a\u0440\u044b\u0442\u0430\u044f \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u00bb \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 \u0434\u043e 5.1.5 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161543)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 parse_ds64 \u043c\u0443\u043b\u044c\u0442\u0438\u043c\u0435\u0434\u0438\u0439\u043d\u043e\u0433\u043e \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430 Gstreamer, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0427\u0442\u0435\u043d\u0438\u0435 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-125)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 parse_ds64 \u043c\u0443\u043b\u044c\u0442\u0438\u043c\u0435\u0434\u0438\u0439\u043d\u043e\u0433\u043e \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430 Gstreamer \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0447\u0442\u0435\u043d\u0438\u0435\u043c \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u043e\u0433\u043e \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://security-tracker.debian.org/tracker/CVE-2024-47775\nhttps://access.redhat.com/security/cve/cve-2024-47775\nhttps://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch\t\nhttps://gstreamer.freedesktop.org/security/sa-2024-0027.html\t\nhttps://securitylab.github.com/advisories/GHSL-2024-261_Gstreamer/\nhttps://redos.red-soft.ru/support/secure/uyazvimosti/mnozhestvennye-uyazvimosti-gstreamer1-plugins-good/?sphrase_id=641091\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.13/\nhttps://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18\nhttps://errata.msvsphere-os.ru/definition/9/INFCSA-2025:7242?lang=ru\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-1202SE17\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-1216SE106\nhttps://cve.omp.ru/bb30515",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-125",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,4)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,1)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 4.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,8)"
}
bit-java-2024-47775
Vulnerability from bitnami_vulndb
Published
2026-05-06 14:45
Modified
2026-05-08 06:11
Summary
GHSL-2024-261: GStreamer has an OOB-read in parse_ds64
Details
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse_ds64 function within gstwavparse.c. The parse_ds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multiple GST_READ_UINT32_LE operations without performing boundary checks. This can lead to an OOB-read when buf is smaller than expected. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10.
{
"affected": [
{
"package": {
"ecosystem": "Bitnami",
"name": "java",
"purl": "pkg:bitnami/java"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.8.0"
},
{
"introduced": "1.9.0"
},
{
"fixed": "8.0.451"
}
],
"type": "SEMVER"
}
],
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
],
"aliases": [
"CVE-2024-47775"
],
"database_specific": {
"cpes": [
"cpe:2.3:a:bellsoft:libericajdk:*:*:*:*:*:*:*:*"
],
"severity": "Medium"
},
"details": "GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse_ds64 function within gstwavparse.c. The parse_ds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multiple GST_READ_UINT32_LE operations without performing boundary checks. This can lead to an OOB-read when buf is smaller than expected. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10.",
"id": "BIT-java-2024-47775",
"modified": "2026-05-08T06:11:36.072Z",
"published": "2026-05-06T14:45:02.492Z",
"references": [
{
"type": "WEB",
"url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch"
},
{
"type": "WEB",
"url": "https://gstreamer.freedesktop.org/security/sa-2024-0027.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00035.html"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47775"
},
{
"type": "WEB",
"url": "https://securitylab.github.com/advisories/GHSL-2024-261_Gstreamer/"
}
],
"schema_version": "1.6.2",
"summary": "GHSL-2024-261: GStreamer has an OOB-read in parse_ds64"
}
bit-jre-2024-47775
Vulnerability from bitnami_vulndb
Published
2026-05-08 05:46
Modified
2026-05-08 06:11
Summary
GHSL-2024-261: GStreamer has an OOB-read in parse_ds64
Details
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse_ds64 function within gstwavparse.c. The parse_ds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multiple GST_READ_UINT32_LE operations without performing boundary checks. This can lead to an OOB-read when buf is smaller than expected. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10.
{
"affected": [
{
"package": {
"ecosystem": "Bitnami",
"name": "jre",
"purl": "pkg:bitnami/jre"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.8.0"
},
{
"introduced": "1.9.0"
},
{
"fixed": "8.0.451"
}
],
"type": "SEMVER"
}
],
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
],
"aliases": [
"CVE-2024-47775"
],
"database_specific": {
"cpes": [
"cpe:2.3:a:bellsoft:libericajre:*:*:*:*:*:*:*:*"
],
"severity": "Medium"
},
"details": "GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse_ds64 function within gstwavparse.c. The parse_ds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multiple GST_READ_UINT32_LE operations without performing boundary checks. This can lead to an OOB-read when buf is smaller than expected. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10.",
"id": "BIT-jre-2024-47775",
"modified": "2026-05-08T06:11:36.072Z",
"published": "2026-05-08T05:46:40.464Z",
"references": [
{
"type": "WEB",
"url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch"
},
{
"type": "WEB",
"url": "https://gstreamer.freedesktop.org/security/sa-2024-0027.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00035.html"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47775"
},
{
"type": "WEB",
"url": "https://securitylab.github.com/advisories/GHSL-2024-261_Gstreamer/"
}
],
"schema_version": "1.6.2",
"summary": "GHSL-2024-261: GStreamer has an OOB-read in parse_ds64"
}
CERTFR-2025-AVI-0319
Vulnerability from certfr_avis - Published: 2025-04-16 - Updated: 2025-04-16
De multiples vulnérabilités ont été découvertes dans Oracle Java SE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | GraalVM Enterprise Edition | Oracle GraalVM Enterprise Edition version 20.3.17 | ||
| Oracle | Java SE | Oracle Java SE version 21.0.6 | ||
| Oracle | Java SE | Oracle Java SE version 8u441 | ||
| Oracle | GraalVM Enterprise Edition | Oracle GraalVM for JDK version 21.0.6 | ||
| Oracle | Java SE | Oracle Java SE version 17.0.14 | ||
| Oracle | GraalVM Enterprise Edition | Oracle GraalVM for JDK version 24 | ||
| Oracle | Java SE | Oracle Java SE version 11.0.26 | ||
| Oracle | GraalVM Enterprise Edition | Oracle GraalVM for JDK version 17.0.14 | ||
| Oracle | GraalVM Enterprise Edition | Oracle GraalVM Enterprise Edition version 21.3.13 | ||
| Oracle | Java SE | Oracle Java SE version 24 | ||
| Oracle | Java SE | Oracle Java SE version 8u441-perf |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle GraalVM Enterprise Edition version 20.3.17",
"product": {
"name": "GraalVM Enterprise Edition",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 21.0.6",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 8u441",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle GraalVM for JDK version 21.0.6",
"product": {
"name": "GraalVM Enterprise Edition",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 17.0.14",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle GraalVM for JDK version 24",
"product": {
"name": "GraalVM Enterprise Edition",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 11.0.26",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle GraalVM for JDK version 17.0.14",
"product": {
"name": "GraalVM Enterprise Edition",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle GraalVM Enterprise Edition version 21.3.13",
"product": {
"name": "GraalVM Enterprise Edition",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 24",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 8u441-perf",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-54508",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54508"
},
{
"name": "CVE-2024-44296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44296"
},
{
"name": "CVE-2024-54502",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54502"
},
{
"name": "CVE-2024-47544",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47544"
},
{
"name": "CVE-2024-54505",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54505"
},
{
"name": "CVE-2024-40866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40866"
},
{
"name": "CVE-2024-47545",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47545"
},
{
"name": "CVE-2024-54479",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54479"
},
{
"name": "CVE-2024-47596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47596"
},
{
"name": "CVE-2025-24150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24150"
},
{
"name": "CVE-2024-27856",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27856"
},
{
"name": "CVE-2024-47606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47606"
},
{
"name": "CVE-2024-44187",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44187"
},
{
"name": "CVE-2025-24162",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24162"
},
{
"name": "CVE-2025-30691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30691"
},
{
"name": "CVE-2024-47546",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47546"
},
{
"name": "CVE-2024-44244",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44244"
},
{
"name": "CVE-2024-44309",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44309"
},
{
"name": "CVE-2024-47778",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47778"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2024-44308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44308"
},
{
"name": "CVE-2024-47777",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47777"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2024-47597",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47597"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2024-44185",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44185"
},
{
"name": "CVE-2024-54543",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54543"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2024-47776",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47776"
},
{
"name": "CVE-2024-47775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47775"
},
{
"name": "CVE-2024-54534",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54534"
},
{
"name": "CVE-2025-24143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24143"
},
{
"name": "CVE-2025-24158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24158"
}
],
"initial_release_date": "2025-04-16T00:00:00",
"last_revision_date": "2025-04-16T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0319",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-04-16T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Java SE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Java SE",
"vendor_advisories": [
{
"published_at": "2025-04-15",
"title": "Bulletin de s\u00e9curit\u00e9 Oracle Java SE cpuapr2025",
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html"
}
]
}
CERTFR-2025-AVI-0661
Vulnerability from certfr_avis - Published: 2025-08-07 - Updated: 2025-08-07
De multiples vulnérabilités ont été découvertes dans les produits Splunk. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "AppDynamics Cluster Agent versions ant\u00e9rieures \u00e0 25.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": " AppDynamics On-Premise Enterprise Console versions ant\u00e9rieures \u00e0 25.4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Splunk",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2019-17267",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17267"
},
{
"name": "CVE-2022-48564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48564"
},
{
"name": "CVE-2021-21409",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21409"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2025-21500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21500"
},
{
"name": "CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"name": "CVE-2025-21503",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21503"
},
{
"name": "CVE-2025-21543",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21543"
},
{
"name": "CVE-2024-23944",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23944"
},
{
"name": "CVE-2024-47601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47601"
},
{
"name": "CVE-2025-21519",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21519"
},
{
"name": "CVE-2024-47544",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47544"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2024-47538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47538"
},
{
"name": "CVE-2024-47545",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47545"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2022-38398",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38398"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2025-21505",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21505"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2024-4761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4761"
},
{
"name": "CVE-2025-21501",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21501"
},
{
"name": "CVE-2024-47596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47596"
},
{
"name": "CVE-2022-48285",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48285"
},
{
"name": "CVE-2019-9674",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9674"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2020-10650",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10650"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2020-36189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36189"
},
{
"name": "CVE-2019-20444",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20444"
},
{
"name": "CVE-2023-34462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34462"
},
{
"name": "CVE-2018-3824",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3824"
},
{
"name": "CVE-2024-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7246"
},
{
"name": "CVE-2024-47602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47602"
},
{
"name": "CVE-2021-20190",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20190"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2024-47541",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47541"
},
{
"name": "CVE-2024-47774",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47774"
},
{
"name": "CVE-2023-50186",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50186"
},
{
"name": "CVE-2024-47599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47599"
},
{
"name": "CVE-2024-47606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47606"
},
{
"name": "CVE-2019-16335",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16335"
},
{
"name": "CVE-2024-47540",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47540"
},
{
"name": "CVE-2023-3635",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3635"
},
{
"name": "CVE-2023-0833",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0833"
},
{
"name": "CVE-2024-47542",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47542"
},
{
"name": "CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"name": "CVE-2018-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2025-21531",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21531"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2025-21555",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21555"
},
{
"name": "CVE-2024-47546",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47546"
},
{
"name": "CVE-2024-47607",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47607"
},
{
"name": "CVE-2021-37137",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
},
{
"name": "CVE-2019-14439",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14439"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2025-27888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27888"
},
{
"name": "CVE-2024-47537",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47537"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2024-52979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52979"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2023-6992",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6992"
},
{
"name": "CVE-2025-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21540"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2024-47778",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47778"
},
{
"name": "CVE-2022-24823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24823"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2021-37136",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37136"
},
{
"name": "CVE-2018-12022",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12022"
},
{
"name": "CVE-2018-5968",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5968"
},
{
"name": "CVE-2024-47777",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47777"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2021-21295",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21295"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2024-47543",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47543"
},
{
"name": "CVE-2019-16943",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16943"
},
{
"name": "CVE-2024-47600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47600"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2021-43797",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43797"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2017-7525",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2019-17531",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17531"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"name": "CVE-2025-21490",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21490"
},
{
"name": "CVE-2024-47835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47835"
},
{
"name": "CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"name": "CVE-2024-47597",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47597"
},
{
"name": "CVE-2025-21520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21520"
},
{
"name": "CVE-2024-47539",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47539"
},
{
"name": "CVE-2021-23413",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23413"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2022-40146",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40146"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2022-42890",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42890"
},
{
"name": "CVE-2019-10172",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10172"
},
{
"name": "CVE-2025-21491",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21491"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2020-36518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
},
{
"name": "CVE-2021-42550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42550"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2024-47598",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47598"
},
{
"name": "CVE-2024-47603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47603"
},
{
"name": "CVE-2022-38648",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38648"
},
{
"name": "CVE-2025-21529",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21529"
},
{
"name": "CVE-2025-21559",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21559"
},
{
"name": "CVE-2019-14540",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14540"
},
{
"name": "CVE-2025-21523",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21523"
},
{
"name": "CVE-2025-21518",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21518"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-21290",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21290"
},
{
"name": "CVE-2024-47615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47615"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2017-17485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
},
{
"name": "CVE-2025-21497",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21497"
},
{
"name": "CVE-2019-14379",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14379"
},
{
"name": "CVE-2024-47776",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47776"
},
{
"name": "CVE-2024-47834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47834"
},
{
"name": "CVE-2024-47775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47775"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2025-21522",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21522"
},
{
"name": "CVE-2019-16869",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16869"
},
{
"name": "CVE-2025-21546",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21546"
},
{
"name": "CVE-2024-51504",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51504"
},
{
"name": "CVE-2022-41881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41881"
},
{
"name": "CVE-2022-41704",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41704"
},
{
"name": "CVE-2019-14892",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14892"
},
{
"name": "CVE-2019-20445",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20445"
}
],
"initial_release_date": "2025-08-07T00:00:00",
"last_revision_date": "2025-08-07T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0661",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-08-07T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Splunk. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Splunk",
"vendor_advisories": [
{
"published_at": "2025-08-06",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0802",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0802"
},
{
"published_at": "2025-08-06",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0801",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0801"
}
]
}
FKIE_CVE-2024-47775
Vulnerability from fkie_nvd - Published: 2024-12-12 02:03 - Updated: 2026-03-17 15:52
Severity
Summary
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse_ds64 function within gstwavparse.c. The parse_ds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multiple GST_READ_UINT32_LE operations without performing boundary checks. This can lead to an OOB-read when buf is smaller than expected. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10.
References
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch | Patch | |
| security-advisories@github.com | https://gstreamer.freedesktop.org/security/sa-2024-0027.html | Release Notes | |
| security-advisories@github.com | https://securitylab.github.com/advisories/GHSL-2024-261_Gstreamer/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2025/02/msg00035.html |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gstreamer:gstreamer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B92A50A-2A86-49C9-9E3E-CE01EBC1987B",
"versionEndExcluding": "1.24.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse_ds64 function within gstwavparse.c. The parse_ds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multiple GST_READ_UINT32_LE operations without performing boundary checks. This can lead to an OOB-read when buf is smaller than expected. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10."
},
{
"lang": "es",
"value": "GStreamer es una librer\u00eda para construir gr\u00e1ficos de componentes de manejo de medios. Se ha encontrado una vulnerabilidad de lectura OOB en la funci\u00f3n parse_ds64 dentro de gstwavparse.c. La funci\u00f3n parse_ds64 no verifica que el b\u00fafer buf contenga datos suficientes antes de intentar leer de \u00e9l, y realiza m\u00faltiples operaciones GST_READ_UINT32_LE sin realizar verificaciones de los l\u00edmites. Esto puede provocar una lectura OOB cuando buf es m\u00e1s peque\u00f1o de lo esperado. Esta vulnerabilidad permite leer m\u00e1s all\u00e1 de los l\u00edmites del b\u00fafer de datos, lo que puede provocar un bloqueo (denegaci\u00f3n de servicio) o la fuga de datos confidenciales. Esta vulnerabilidad se corrigi\u00f3 en la versi\u00f3n 1.24.10."
}
],
"id": "CVE-2024-47775",
"lastModified": "2026-03-17T15:52:33.870",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2024-12-12T02:03:40.430",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://gstreamer.freedesktop.org/security/sa-2024-0027.html"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://securitylab.github.com/advisories/GHSL-2024-261_Gstreamer/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00035.html"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
OPENSUSE-SU-2024:14578-1
Vulnerability from csaf_opensuse - Published: 2024-12-13 00:00 - Updated: 2024-12-13 00:00Summary
gstreamer-plugins-good-1.24.10-2.1 on GA media
Severity
Moderate
Notes
Title of the patch: gstreamer-plugins-good-1.24.10-2.1 on GA media
Description of the patch: These are all security issues fixed in the gstreamer-plugins-good-1.24.10-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-14578
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.1 (Medium)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
31 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://lists.opensuse.org/archives/list/security… | self |
| https://lists.opensuse.org/archives/list/security… | self |
| https://www.suse.com/security/cve/CVE-2024-47530/ | self |
| https://www.suse.com/security/cve/CVE-2024-47537/ | self |
| https://www.suse.com/security/cve/CVE-2024-47598/ | self |
| https://www.suse.com/security/cve/CVE-2024-47599/ | self |
| https://www.suse.com/security/cve/CVE-2024-47601/ | self |
| https://www.suse.com/security/cve/CVE-2024-47606/ | self |
| https://www.suse.com/security/cve/CVE-2024-47613/ | self |
| https://www.suse.com/security/cve/CVE-2024-47774/ | self |
| https://www.suse.com/security/cve/CVE-2024-47775/ | self |
| https://www.suse.com/security/cve/CVE-2024-47530 | external |
| https://bugzilla.suse.com/1239347 | external |
| https://www.suse.com/security/cve/CVE-2024-47537 | external |
| https://bugzilla.suse.com/1234414 | external |
| https://www.suse.com/security/cve/CVE-2024-47598 | external |
| https://bugzilla.suse.com/1234426 | external |
| https://www.suse.com/security/cve/CVE-2024-47599 | external |
| https://bugzilla.suse.com/1234427 | external |
| https://www.suse.com/security/cve/CVE-2024-47601 | external |
| https://bugzilla.suse.com/1234428 | external |
| https://www.suse.com/security/cve/CVE-2024-47606 | external |
| https://bugzilla.suse.com/1234449 | external |
| https://www.suse.com/security/cve/CVE-2024-47613 | external |
| https://bugzilla.suse.com/1234447 | external |
| https://www.suse.com/security/cve/CVE-2024-47774 | external |
| https://bugzilla.suse.com/1234446 | external |
| https://www.suse.com/security/cve/CVE-2024-47775 | external |
| https://bugzilla.suse.com/1234434 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "gstreamer-plugins-good-1.24.10-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the gstreamer-plugins-good-1.24.10-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-14578",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14578-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2024:14578-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GZDF3P2GSSY47IWYHI5OBEEMZAKWSY3E/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2024:14578-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GZDF3P2GSSY47IWYHI5OBEEMZAKWSY3E/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47530 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47537 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47598 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47598/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47599 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47599/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47601 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47606 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47606/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47613 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47613/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47774 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47775 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47775/"
}
],
"title": "gstreamer-plugins-good-1.24.10-2.1 on GA media",
"tracking": {
"current_release_date": "2024-12-13T00:00:00Z",
"generator": {
"date": "2024-12-13T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:14578-1",
"initial_release_date": "2024-12-13T00:00:00Z",
"revision_history": [
{
"date": "2024-12-13T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "gstreamer-plugins-good-1.24.10-2.1.aarch64",
"product": {
"name": "gstreamer-plugins-good-1.24.10-2.1.aarch64",
"product_id": "gstreamer-plugins-good-1.24.10-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"product": {
"name": "gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"product_id": "gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"product": {
"name": "gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"product_id": "gstreamer-plugins-good-extra-1.24.10-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"product": {
"name": "gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"product_id": "gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"product": {
"name": "gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"product_id": "gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"product": {
"name": "gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"product_id": "gstreamer-plugins-good-jack-1.24.10-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"product": {
"name": "gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"product_id": "gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"product": {
"name": "gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"product_id": "gstreamer-plugins-good-lang-1.24.10-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"product": {
"name": "gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"product_id": "gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"product": {
"name": "gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"product_id": "gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"product": {
"name": "gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"product_id": "gstreamer-plugins-good-1.24.10-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"product": {
"name": "gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"product_id": "gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"product": {
"name": "gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"product_id": "gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"product": {
"name": "gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"product_id": "gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"product": {
"name": "gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"product_id": "gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"product": {
"name": "gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"product_id": "gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"product": {
"name": "gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"product_id": "gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"product": {
"name": "gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"product_id": "gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"product": {
"name": "gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"product_id": "gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"product": {
"name": "gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"product_id": "gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gstreamer-plugins-good-1.24.10-2.1.s390x",
"product": {
"name": "gstreamer-plugins-good-1.24.10-2.1.s390x",
"product_id": "gstreamer-plugins-good-1.24.10-2.1.s390x"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"product": {
"name": "gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"product_id": "gstreamer-plugins-good-32bit-1.24.10-2.1.s390x"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"product": {
"name": "gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"product_id": "gstreamer-plugins-good-extra-1.24.10-2.1.s390x"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"product": {
"name": "gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"product_id": "gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"product": {
"name": "gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"product_id": "gstreamer-plugins-good-gtk-1.24.10-2.1.s390x"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"product": {
"name": "gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"product_id": "gstreamer-plugins-good-jack-1.24.10-2.1.s390x"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"product": {
"name": "gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"product_id": "gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"product": {
"name": "gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"product_id": "gstreamer-plugins-good-lang-1.24.10-2.1.s390x"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"product": {
"name": "gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"product_id": "gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"product": {
"name": "gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"product_id": "gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gstreamer-plugins-good-1.24.10-2.1.x86_64",
"product": {
"name": "gstreamer-plugins-good-1.24.10-2.1.x86_64",
"product_id": "gstreamer-plugins-good-1.24.10-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"product": {
"name": "gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"product_id": "gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"product": {
"name": "gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"product_id": "gstreamer-plugins-good-extra-1.24.10-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"product": {
"name": "gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"product_id": "gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"product": {
"name": "gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"product_id": "gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"product": {
"name": "gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"product_id": "gstreamer-plugins-good-jack-1.24.10-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"product": {
"name": "gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"product_id": "gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"product": {
"name": "gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"product_id": "gstreamer-plugins-good-lang-1.24.10-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"product": {
"name": "gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"product_id": "gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64",
"product": {
"name": "gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64",
"product_id": "gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-1.24.10-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64"
},
"product_reference": "gstreamer-plugins-good-1.24.10-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-1.24.10-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le"
},
"product_reference": "gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-1.24.10-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x"
},
"product_reference": "gstreamer-plugins-good-1.24.10-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-1.24.10-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64"
},
"product_reference": "gstreamer-plugins-good-1.24.10-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64"
},
"product_reference": "gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le"
},
"product_reference": "gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-32bit-1.24.10-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x"
},
"product_reference": "gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64"
},
"product_reference": "gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-extra-1.24.10-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64"
},
"product_reference": "gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le"
},
"product_reference": "gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-extra-1.24.10-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x"
},
"product_reference": "gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-extra-1.24.10-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64"
},
"product_reference": "gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64"
},
"product_reference": "gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le"
},
"product_reference": "gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x"
},
"product_reference": "gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64"
},
"product_reference": "gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64"
},
"product_reference": "gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le"
},
"product_reference": "gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-gtk-1.24.10-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x"
},
"product_reference": "gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64"
},
"product_reference": "gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-jack-1.24.10-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64"
},
"product_reference": "gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le"
},
"product_reference": "gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-jack-1.24.10-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x"
},
"product_reference": "gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-jack-1.24.10-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64"
},
"product_reference": "gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64"
},
"product_reference": "gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le"
},
"product_reference": "gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x"
},
"product_reference": "gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64"
},
"product_reference": "gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-lang-1.24.10-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64"
},
"product_reference": "gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le"
},
"product_reference": "gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-lang-1.24.10-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x"
},
"product_reference": "gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-lang-1.24.10-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64"
},
"product_reference": "gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64"
},
"product_reference": "gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le"
},
"product_reference": "gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x"
},
"product_reference": "gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64"
},
"product_reference": "gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64"
},
"product_reference": "gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le"
},
"product_reference": "gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x"
},
"product_reference": "gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
},
"product_reference": "gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-47530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47530"
}
],
"notes": [
{
"category": "general",
"text": "Scout is a web-based visualizer for VCF-files. Open redirect vulnerability allows performing phishing attacks on users by redirecting them to malicious page. /login API endpoint is vulnerable to open redirect attack via next parameter due to absence of sanitization logic. Additionally, due to lack of scheme validation, HTTPS Downgrade Attack can be performed on the users. This vulnerability is fixed in 4.89.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47530",
"url": "https://www.suse.com/security/cve/CVE-2024-47530"
},
{
"category": "external",
"summary": "SUSE Bug 1239347 for CVE-2024-47530",
"url": "https://bugzilla.suse.com/1239347"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-13T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-47530"
},
{
"cve": "CVE-2024-47537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47537"
}
],
"notes": [
{
"category": "general",
"text": "GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream-\u003esamples to accommodate stream-\u003en_samples + samples_count elements of type QtDemuxSample. The problem is that samples_count is read from the input file. And if this value is big enough, this can lead to an integer overflow during the addition. As a consequence, g_try_renew might allocate memory for a significantly smaller number of elements than intended. Following this, the program iterates through samples_count elements and attempts to write samples_count number of elements, potentially exceeding the actual allocated memory size and causing an OOB-write. This vulnerability is fixed in 1.24.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47537",
"url": "https://www.suse.com/security/cve/CVE-2024-47537"
},
{
"category": "external",
"summary": "SUSE Bug 1234414 for CVE-2024-47537",
"url": "https://bugzilla.suse.com/1234414"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-13T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-47537"
},
{
"cve": "CVE-2024-47598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47598"
}
],
"notes": [
{
"category": "general",
"text": "GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in the qtdemux_merge_sample_table function within qtdemux.c. The problem is that the size of the stts buffer isn\u0027t properly checked before reading stts_duration, allowing the program to read 4 bytes beyond the boundaries of stts-\u003edata. This vulnerability reads up to 4 bytes past the allocated bounds of the stts array. This vulnerability is fixed in 1.24.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47598",
"url": "https://www.suse.com/security/cve/CVE-2024-47598"
},
{
"category": "external",
"summary": "SUSE Bug 1234426 for CVE-2024-47598",
"url": "https://bugzilla.suse.com/1234426"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-13T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-47598"
},
{
"cve": "CVE-2024-47599",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47599"
}
],
"notes": [
{
"category": "general",
"text": "GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_jpeg_dec_negotiate function in gstjpegdec.c. This function does not check for a NULL return value from gst_video_decoder_set_output_state. When this happens, dereferences of the outstate pointer will lead to a null pointer dereference. This vulnerability can result in a Denial of Service (DoS) by triggering a segmentation fault (SEGV). This vulnerability is fixed in 1.24.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47599",
"url": "https://www.suse.com/security/cve/CVE-2024-47599"
},
{
"category": "external",
"summary": "SUSE Bug 1234427 for CVE-2024-47599",
"url": "https://bugzilla.suse.com/1234427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-13T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-47599"
},
{
"cve": "CVE-2024-47601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47601"
}
],
"notes": [
{
"category": "general",
"text": "GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_parse_blockgroup_or_simpleblock function within matroska-demux.c. This function does not properly check the validity of the GstBuffer *sub pointer before performing dereferences. As a result, null pointer dereferences may occur. This vulnerability is fixed in 1.24.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47601",
"url": "https://www.suse.com/security/cve/CVE-2024-47601"
},
{
"category": "external",
"summary": "SUSE Bug 1234428 for CVE-2024-47601",
"url": "https://bugzilla.suse.com/1234428"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-13T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-47601"
},
{
"cve": "CVE-2024-47606",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47606"
}
],
"notes": [
{
"category": "general",
"text": "GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux_parse_theora_extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended value when cast to an unsigned integer. This 32-bit negative value is then cast to a 64-bit unsigned integer (0xfffffffffffffffa) in a subsequent call to gst_buffer_new_and_alloc. The function gst_buffer_new_allocate then attempts to allocate memory, eventually calling _sysmem_new_block. The function _sysmem_new_block adds alignment and header size to the (unsigned) size, causing the overflow of the \u0027slice_size\u0027 variable. As a result, only 0x89 bytes are allocated, despite the large input size. When the following memcpy call occurs in gst_buffer_fill, the data from the input file will overwrite the content of the GstMapInfo info structure. Finally, during the call to gst_memory_unmap, the overwritten memory may cause a function pointer hijack, as the mem-\u003eallocator-\u003emem_unmap_full function is called with a corrupted pointer. This function pointer overwrite could allow an attacker to alter the execution flow of the program, leading to arbitrary code execution. This vulnerability is fixed in 1.24.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47606",
"url": "https://www.suse.com/security/cve/CVE-2024-47606"
},
{
"category": "external",
"summary": "SUSE Bug 1234449 for CVE-2024-47606",
"url": "https://bugzilla.suse.com/1234449"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-13T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-47606"
},
{
"cve": "CVE-2024-47613",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47613"
}
],
"notes": [
{
"category": "general",
"text": "GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been identified in `gst_gdk_pixbuf_dec_flush` within `gstgdkpixbufdec.c`. This function invokes `memcpy`, using `out_pix` as the destination address. `out_pix` is expected to point to the frame 0 from the frame structure, which is read from the input file. However, in certain situations, it can points to a NULL frame, causing the subsequent call to `memcpy` to attempt writing to the null address (0x00), leading to a null pointer dereference. This vulnerability can result in a Denial of Service (DoS) by triggering a segmentation fault (SEGV). This vulnerability is fixed in 1.24.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47613",
"url": "https://www.suse.com/security/cve/CVE-2024-47613"
},
{
"category": "external",
"summary": "SUSE Bug 1234447 for CVE-2024-47613",
"url": "https://bugzilla.suse.com/1234447"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-13T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-47613"
},
{
"cve": "CVE-2024-47774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47774"
}
],
"notes": [
{
"category": "general",
"text": "GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been identified in the gst_avi_subtitle_parse_gab2_chunk function within gstavisubtitle.c. The function reads the name_length value directly from the input file without checking it properly. Then, the a condition, does not properly handle cases where name_length is greater than 0xFFFFFFFF - 17, causing an integer overflow. In such scenario, the function attempts to access memory beyond the buffer leading to an OOB-read. This vulnerability is fixed in 1.24.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47774",
"url": "https://www.suse.com/security/cve/CVE-2024-47774"
},
{
"category": "external",
"summary": "SUSE Bug 1234446 for CVE-2024-47774",
"url": "https://bugzilla.suse.com/1234446"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-13T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-47774"
},
{
"cve": "CVE-2024-47775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47775"
}
],
"notes": [
{
"category": "general",
"text": "GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse_ds64 function within gstwavparse.c. The parse_ds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multiple GST_READ_UINT32_LE operations without performing boundary checks. This can lead to an OOB-read when buf is smaller than expected. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47775",
"url": "https://www.suse.com/security/cve/CVE-2024-47775"
},
{
"category": "external",
"summary": "SUSE Bug 1234434 for CVE-2024-47775",
"url": "https://bugzilla.suse.com/1234434"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-extra-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-gtk-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-jack-32bit-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-lang-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml-1.24.10-2.1.x86_64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.aarch64",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.ppc64le",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.s390x",
"openSUSE Tumbleweed:gstreamer-plugins-good-qtqml6-1.24.10-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-13T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-47775"
}
]
}
RHSA-2025:7242
Vulnerability from csaf_redhat - Published: 2025-05-13 08:36 - Updated: 2026-03-19 17:31Summary
Red Hat Security Advisory: gstreamer1-plugins-good security update
Severity
Moderate
Notes
Topic: An update for gstreamer1-plugins-good is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license.
Security Fix(es):
* gstreamer1-plugins-good: OOB-read in qtdemux_parse_container (CVE-2024-47543)
* gstreamer1-plugins-good: GStreamer has an OOB-read in gst_avi_subtitle_parse_gab2_chunk (CVE-2024-47774)
* gstreamer1-plugins-good: OOB-read in gst_wavparse_smpl_chunk (CVE-2024-47777)
* gstreamer1-plugins-good: OOB-read in gst_wavparse_adtl_chunk (CVE-2024-47778)
* gstreamer1-plugins-good: OOB-read in parse_ds64 (CVE-2024-47775)
* gstreamer1-plugins-good: OOB-read in FOURCC_SMI_ parsing (CVE-2024-47596)
* gstreamer1-plugins-good: insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences (CVE-2024-47599)
* gstreamer1-plugins-good: Use-After-Free read in Matroska CodecPrivate (CVE-2024-47834)
* gstreamer1-plugins-good: OOB-read in gst_wavparse_cue_chunk (CVE-2024-47776)
* gstreamer1-plugins-good: NULL-pointer dereferences in MP4/MOV demuxer CENC handling (CVE-2024-47544)
* gstreamer1-plugins-good: NULL-pointer dereference in Matroska/WebM demuxer (CVE-2024-47601)
* gstreamer1-plugins-good: OOB-read in qtdemux_parse_samples (CVE-2024-47597)
* gstreamer1-plugins-good: integer underflow in extract_cc_from_data leading to OOB-read (CVE-2024-47546)
* gstreamer1-plugins-good: NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer (CVE-2024-47602)
* gstreamer1-plugins-good: OOB-read in qtdemux_merge_sample_table (CVE-2024-47598)
* gstreamer1-plugins-good: NULL-pointer dereference in Matroska/WebM demuxer (CVE-2024-47603)
* gstreamer1-plugins-good: integer underflow in FOURCC_strf parsing leading to OOB-read (CVE-2024-47545)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes linked from the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the GStreamer library. An out-of-bounds read in the MP4/MOV demuxer can lead to crashes for certain input files, potentially allowing a malicious third party to trigger an application crash.
5.1 (Medium)
Affected products
Fixed
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the GStreamer library. Multiple NULL pointer dereferences in the MP4/MOV demuxer's CENC handling can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.
6.2 (Medium)
Affected products
Fixed
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the GStreamer library. An integer overflow in the MP4/MOV demuxer can lead to out-of-bounds reads that may cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.
6.2 (Medium)
Affected products
Fixed
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the GStreamer library. Integer underflow in the MP4/MOV demuxer can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.
6.2 (Medium)
Affected products
Fixed
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the GStreamer library. An integer underflow due to missing size checks in the MP4/MOV demuxer can lead to out-of-bounds reads and cause crashes for certain input files. This issue can allow a malicious actor to trigger a crash of the application.
5.1 (Medium)
Affected products
Fixed
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the GStreamer library. Multiple out-of-bounds reads in the MP4/MOV demuxer's sample table parsing and a lack of error checking can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.
5.1 (Medium)
Affected products
Fixed
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the GStreamer library. When handling raw audio tracks, out-of-bounds reads in the MP4/MOV demuxer's sample table parser can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.
5.1 (Medium)
Affected products
Fixed
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the GStreamer library. Insufficient error handling in the JPEG decoder can lead to NULL-pointer dereferences and cause crashes for certain input files, making it possible for a malicious actor to trigger a crash of the application.
5.5 (Medium)
Affected products
Fixed
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the GStreamer library. A NULL pointer dereference in the Matroska/WebM demuxer can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.
5.5 (Medium)
Affected products
Fixed
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the GStreamer library. NULL pointer dereferences and out-of-bounds reads in the Matroska/WebM demuxer can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.
5.5 (Medium)
Affected products
Fixed
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the GStreamer library. A NULL pointer dereference in the Matroska/WebM demuxer can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.
5.5 (Medium)
Affected products
Fixed
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the GStreamer library. An out-of-bounds read in the gst_avi_subtitle_parse_gab2_chunk function can cause crashes for certain input files, potentially allowing a malicious third party to trigger an application crash.
5.1 (Medium)
Affected products
Fixed
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the GStreamer library. Various out-of-bounds reads in the WAV parser can cause crashes for certain input files, making it possible for a malicious actor to trigger a crash of the application.
5.1 (Medium)
Affected products
Fixed
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the GStreamer library. Various out-of-bounds reads in the WAV parser can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.
5.1 (Medium)
Affected products
Fixed
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the GStreamer library. Various out-of-bounds reads in the WAV parser can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.
5.1 (Medium)
Affected products
Fixed
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the GStreamer library. Various out-of-bounds reads in the WAV parser can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.
5.1 (Medium)
Affected products
Fixed
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the GStreamer library. A use-after-free in the Matroska demuxer can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.
5.1 (Medium)
Affected products
Fixed
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
125 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2025:7242 | self |
| https://docs.redhat.com/en/documentation/red_hat_… | external |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331723 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331739 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331741 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331743 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331744 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331747 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331748 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331749 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331750 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331751 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331752 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331755 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331756 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331759 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331761 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331762 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331763 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2024-47543 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331723 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-47543 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-47543 | external |
| https://gitlab.freedesktop.org/gstreamer/gstreame… | external |
| https://gstreamer.freedesktop.org/security/sa-202… | external |
| https://securitylab.github.com/advisories/GHSL-20… | external |
| https://access.redhat.com/security/cve/CVE-2024-47544 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331751 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-47544 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-47544 | external |
| https://gstreamer.freedesktop.org/security/sa-202… | external |
| https://securitylab.github.com/advisories/GHSL-20… | external |
| https://access.redhat.com/security/cve/CVE-2024-47545 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331763 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-47545 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-47545 | external |
| https://gstreamer.freedesktop.org/security/sa-202… | external |
| https://securitylab.github.com/advisories/GHSL-20… | external |
| https://access.redhat.com/security/cve/CVE-2024-47546 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331756 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-47546 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-47546 | external |
| https://gstreamer.freedesktop.org/security/sa-202… | external |
| https://securitylab.github.com/advisories/GHSL-20… | external |
| https://access.redhat.com/security/cve/CVE-2024-47596 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331747 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-47596 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-47596 | external |
| https://gstreamer.freedesktop.org/security/sa-202… | external |
| https://securitylab.github.com/advisories/GHSL-20… | external |
| https://access.redhat.com/security/cve/CVE-2024-47597 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331755 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-47597 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-47597 | external |
| https://gstreamer.freedesktop.org/security/sa-202… | external |
| https://securitylab.github.com/advisories/GHSL-20… | external |
| https://access.redhat.com/security/cve/CVE-2024-47598 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331761 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-47598 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-47598 | external |
| https://gstreamer.freedesktop.org/security/sa-202… | external |
| https://securitylab.github.com/advisories/GHSL-20… | external |
| https://access.redhat.com/security/cve/CVE-2024-47599 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331748 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-47599 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-47599 | external |
| https://gitlab.freedesktop.org/gstreamer/gstreame… | external |
| https://gstreamer.freedesktop.org/security/sa-202… | external |
| https://securitylab.github.com/advisories/GHSL-20… | external |
| https://access.redhat.com/security/cve/CVE-2024-47601 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331752 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-47601 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-47601 | external |
| https://gitlab.freedesktop.org/gstreamer/gstreame… | external |
| https://gstreamer.freedesktop.org/security/sa-202… | external |
| https://securitylab.github.com/advisories/GHSL-20… | external |
| https://access.redhat.com/security/cve/CVE-2024-47602 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331759 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-47602 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-47602 | external |
| https://gstreamer.freedesktop.org/security/sa-202… | external |
| https://securitylab.github.com/advisories/GHSL-20… | external |
| https://access.redhat.com/security/cve/CVE-2024-47603 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331762 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-47603 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-47603 | external |
| https://gstreamer.freedesktop.org/security/sa-202… | external |
| https://securitylab.github.com/advisories/GHSL-20… | external |
| https://access.redhat.com/security/cve/CVE-2024-47774 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331739 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-47774 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-47774 | external |
| https://github.com/github/securitylab-vulnerabili… | external |
| https://gitlab.freedesktop.org/gstreamer/gstreame… | external |
| https://securitylab.github.com/advisories/GHSL-20… | external |
| https://access.redhat.com/security/cve/CVE-2024-47775 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331744 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-47775 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-47775 | external |
| https://gitlab.freedesktop.org/gstreamer/gstreame… | external |
| https://gstreamer.freedesktop.org/security/sa-202… | external |
| https://securitylab.github.com/advisories/GHSL-20… | external |
| https://access.redhat.com/security/cve/CVE-2024-47776 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331750 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-47776 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-47776 | external |
| https://securitylab.github.com/advisories/GHSL-20… | external |
| https://access.redhat.com/security/cve/CVE-2024-47777 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331741 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-47777 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-47777 | external |
| https://securitylab.github.com/advisories/GHSL-20… | external |
| https://access.redhat.com/security/cve/CVE-2024-47778 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331743 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-47778 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-47778 | external |
| https://securitylab.github.com/advisories/GHSL-20… | external |
| https://access.redhat.com/security/cve/CVE-2024-47834 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331749 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-47834 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-47834 | external |
| https://gstreamer.freedesktop.org/security/sa-202… | external |
| https://securitylab.github.com/advisories/GHSL-20… | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gstreamer1-plugins-good is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license.\n\nSecurity Fix(es):\n\n* gstreamer1-plugins-good: OOB-read in qtdemux_parse_container (CVE-2024-47543)\n\n* gstreamer1-plugins-good: GStreamer has an OOB-read in gst_avi_subtitle_parse_gab2_chunk (CVE-2024-47774)\n\n* gstreamer1-plugins-good: OOB-read in gst_wavparse_smpl_chunk (CVE-2024-47777)\n\n* gstreamer1-plugins-good: OOB-read in gst_wavparse_adtl_chunk (CVE-2024-47778)\n\n* gstreamer1-plugins-good: OOB-read in parse_ds64 (CVE-2024-47775)\n\n* gstreamer1-plugins-good: OOB-read in FOURCC_SMI_ parsing (CVE-2024-47596)\n\n* gstreamer1-plugins-good: insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences (CVE-2024-47599)\n\n* gstreamer1-plugins-good: Use-After-Free read in Matroska CodecPrivate (CVE-2024-47834)\n\n* gstreamer1-plugins-good: OOB-read in gst_wavparse_cue_chunk (CVE-2024-47776)\n\n* gstreamer1-plugins-good: NULL-pointer dereferences in MP4/MOV demuxer CENC handling (CVE-2024-47544)\n\n* gstreamer1-plugins-good: NULL-pointer dereference in Matroska/WebM demuxer (CVE-2024-47601)\n\n* gstreamer1-plugins-good: OOB-read in qtdemux_parse_samples (CVE-2024-47597)\n\n* gstreamer1-plugins-good: integer underflow in extract_cc_from_data leading to OOB-read (CVE-2024-47546)\n\n* gstreamer1-plugins-good: NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer (CVE-2024-47602)\n\n* gstreamer1-plugins-good: OOB-read in qtdemux_merge_sample_table (CVE-2024-47598)\n\n* gstreamer1-plugins-good: NULL-pointer dereference in Matroska/WebM demuxer (CVE-2024-47603)\n\n* gstreamer1-plugins-good: integer underflow in FOURCC_strf parsing leading to OOB-read (CVE-2024-47545)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:7242",
"url": "https://access.redhat.com/errata/RHSA-2025:7242"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.6_release_notes/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.6_release_notes/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2331723",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331723"
},
{
"category": "external",
"summary": "2331739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331739"
},
{
"category": "external",
"summary": "2331741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331741"
},
{
"category": "external",
"summary": "2331743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331743"
},
{
"category": "external",
"summary": "2331744",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331744"
},
{
"category": "external",
"summary": "2331747",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331747"
},
{
"category": "external",
"summary": "2331748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331748"
},
{
"category": "external",
"summary": "2331749",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331749"
},
{
"category": "external",
"summary": "2331750",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331750"
},
{
"category": "external",
"summary": "2331751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331751"
},
{
"category": "external",
"summary": "2331752",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331752"
},
{
"category": "external",
"summary": "2331755",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331755"
},
{
"category": "external",
"summary": "2331756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331756"
},
{
"category": "external",
"summary": "2331759",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331759"
},
{
"category": "external",
"summary": "2331761",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331761"
},
{
"category": "external",
"summary": "2331762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331762"
},
{
"category": "external",
"summary": "2331763",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331763"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_7242.json"
}
],
"title": "Red Hat Security Advisory: gstreamer1-plugins-good security update",
"tracking": {
"current_release_date": "2026-03-19T17:31:34+00:00",
"generator": {
"date": "2026-03-19T17:31:34+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2025:7242",
"initial_release_date": "2025-05-13T08:36:31+00:00",
"revision_history": [
{
"date": "2025-05-13T08:36:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-05-13T08:36:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-19T17:31:34+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"product": {
"name": "gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"product_id": "gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good@1.22.12-4.el9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"product": {
"name": "gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"product_id": "gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good@1.22.12-4.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"product": {
"name": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"product_id": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-gtk@1.22.12-4.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"product": {
"name": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"product_id": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-debugsource@1.22.12-4.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"product": {
"name": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"product_id": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-debuginfo@1.22.12-4.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"product": {
"name": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"product_id": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-gtk-debuginfo@1.22.12-4.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"product": {
"name": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"product_id": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-qt-debuginfo@1.22.12-4.el9?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"product": {
"name": "gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"product_id": "gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good@1.22.12-4.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"product": {
"name": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"product_id": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-gtk@1.22.12-4.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"product": {
"name": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"product_id": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-debugsource@1.22.12-4.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"product": {
"name": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"product_id": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-debuginfo@1.22.12-4.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"product": {
"name": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"product_id": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-gtk-debuginfo@1.22.12-4.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"product": {
"name": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"product_id": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-qt-debuginfo@1.22.12-4.el9?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"product": {
"name": "gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"product_id": "gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good@1.22.12-4.el9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"product": {
"name": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"product_id": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-gtk@1.22.12-4.el9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"product": {
"name": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"product_id": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-debugsource@1.22.12-4.el9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"product": {
"name": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"product_id": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-debuginfo@1.22.12-4.el9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"product": {
"name": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"product_id": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-gtk-debuginfo@1.22.12-4.el9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"product": {
"name": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"product_id": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-qt-debuginfo@1.22.12-4.el9?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"product": {
"name": "gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"product_id": "gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good@1.22.12-4.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"product": {
"name": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"product_id": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-gtk@1.22.12-4.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"product": {
"name": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"product_id": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-debugsource@1.22.12-4.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"product": {
"name": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"product_id": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-debuginfo@1.22.12-4.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"product": {
"name": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"product_id": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-gtk-debuginfo@1.22.12-4.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64",
"product": {
"name": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64",
"product_id": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-qt-debuginfo@1.22.12-4.el9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"product": {
"name": "gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"product_id": "gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good@1.22.12-4.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"product": {
"name": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"product_id": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-gtk@1.22.12-4.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"product": {
"name": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"product_id": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-debugsource@1.22.12-4.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"product": {
"name": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"product_id": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-debuginfo@1.22.12-4.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"product": {
"name": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"product_id": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-gtk-debuginfo@1.22.12-4.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"product": {
"name": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"product_id": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gstreamer1-plugins-good-qt-debuginfo@1.22.12-4.el9?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64"
},
"product_reference": "gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-0:1.22.12-4.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686"
},
"product_reference": "gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le"
},
"product_reference": "gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-0:1.22.12-4.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x"
},
"product_reference": "gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-0:1.22.12-4.el9.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src"
},
"product_reference": "gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64"
},
"product_reference": "gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64"
},
"product_reference": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686"
},
"product_reference": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le"
},
"product_reference": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x"
},
"product_reference": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64"
},
"product_reference": "gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64"
},
"product_reference": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686"
},
"product_reference": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le"
},
"product_reference": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x"
},
"product_reference": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64"
},
"product_reference": "gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64"
},
"product_reference": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686"
},
"product_reference": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le"
},
"product_reference": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x"
},
"product_reference": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64"
},
"product_reference": "gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64"
},
"product_reference": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686"
},
"product_reference": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le"
},
"product_reference": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x"
},
"product_reference": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64"
},
"product_reference": "gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64"
},
"product_reference": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686"
},
"product_reference": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le"
},
"product_reference": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x"
},
"product_reference": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"relates_to_product_reference": "AppStream-9.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
},
"product_reference": "gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-47543",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2024-12-11T19:01:06.518071+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331723"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the GStreamer library. An out-of-bounds read in the MP4/MOV demuxer can lead to crashes for certain input files, potentially allowing a malicious third party to trigger an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gstreamer1-plugins-good: OOB-read in qtdemux_parse_container",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47543"
},
{
"category": "external",
"summary": "RHBZ#2331723",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331723"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47543",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47543"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47543",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47543"
},
{
"category": "external",
"summary": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch",
"url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch"
},
{
"category": "external",
"summary": "https://gstreamer.freedesktop.org/security/sa-2024-0009.html",
"url": "https://gstreamer.freedesktop.org/security/sa-2024-0009.html"
},
{
"category": "external",
"summary": "https://securitylab.github.com/advisories/GHSL-2024-236_Gstreamer/",
"url": "https://securitylab.github.com/advisories/GHSL-2024-236_Gstreamer/"
}
],
"release_date": "2024-12-11T18:55:50.210000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-13T08:36:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7242"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gstreamer1-plugins-good: OOB-read in qtdemux_parse_container"
},
{
"cve": "CVE-2024-47544",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-12-11T20:01:47.895968+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331751"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the GStreamer library. Multiple NULL pointer dereferences in the MP4/MOV demuxer\u0027s CENC handling can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gstreamer1-plugins-good: NULL-pointer dereferences in MP4/MOV demuxer CENC handling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47544"
},
{
"category": "external",
"summary": "RHBZ#2331751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331751"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47544",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47544"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47544",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47544"
},
{
"category": "external",
"summary": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch",
"url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch"
},
{
"category": "external",
"summary": "https://gstreamer.freedesktop.org/security/sa-2024-0011.html",
"url": "https://gstreamer.freedesktop.org/security/sa-2024-0011.html"
},
{
"category": "external",
"summary": "https://securitylab.github.com/advisories/GHSL-2024-238_Gstreamer/",
"url": "https://securitylab.github.com/advisories/GHSL-2024-238_Gstreamer/"
}
],
"release_date": "2024-12-11T18:57:31.268000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-13T08:36:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7242"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gstreamer1-plugins-good: NULL-pointer dereferences in MP4/MOV demuxer CENC handling"
},
{
"cve": "CVE-2024-47545",
"cwe": {
"id": "CWE-191",
"name": "Integer Underflow (Wrap or Wraparound)"
},
"discovery_date": "2024-12-11T20:02:36.295237+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331763"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the GStreamer library. An integer overflow in the MP4/MOV demuxer can lead to out-of-bounds reads that may cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gstreamer1-plugins-good: integer underflow in FOURCC_strf parsing leading to OOB-read",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47545"
},
{
"category": "external",
"summary": "RHBZ#2331763",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331763"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47545",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47545"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47545",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47545"
},
{
"category": "external",
"summary": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch",
"url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch"
},
{
"category": "external",
"summary": "https://gstreamer.freedesktop.org/security/sa-2024-0010.html",
"url": "https://gstreamer.freedesktop.org/security/sa-2024-0010.html"
},
{
"category": "external",
"summary": "https://securitylab.github.com/advisories/GHSL-2024-242_Gstreamer/",
"url": "https://securitylab.github.com/advisories/GHSL-2024-242_Gstreamer/"
}
],
"release_date": "2024-12-11T18:58:14.462000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-13T08:36:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7242"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gstreamer1-plugins-good: integer underflow in FOURCC_strf parsing leading to OOB-read"
},
{
"cve": "CVE-2024-47546",
"cwe": {
"id": "CWE-191",
"name": "Integer Underflow (Wrap or Wraparound)"
},
"discovery_date": "2024-12-11T20:02:09.371312+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331756"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the GStreamer library. Integer underflow in the MP4/MOV demuxer can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gstreamer1-plugins-good: integer underflow in extract_cc_from_data leading to OOB-read",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47546"
},
{
"category": "external",
"summary": "RHBZ#2331756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47546",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47546"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47546",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47546"
},
{
"category": "external",
"summary": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch",
"url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch"
},
{
"category": "external",
"summary": "https://gstreamer.freedesktop.org/security/sa-2024-0013.html",
"url": "https://gstreamer.freedesktop.org/security/sa-2024-0013.html"
},
{
"category": "external",
"summary": "https://securitylab.github.com/advisories/GHSL-2024-243_Gstreamer/",
"url": "https://securitylab.github.com/advisories/GHSL-2024-243_Gstreamer/"
}
],
"release_date": "2024-12-11T19:01:05.831000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-13T08:36:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7242"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gstreamer1-plugins-good: integer underflow in extract_cc_from_data leading to OOB-read"
},
{
"cve": "CVE-2024-47596",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2024-12-11T20:01:30.387932+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331747"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the GStreamer library. An integer underflow due to missing size checks in the MP4/MOV demuxer can lead to out-of-bounds reads and cause crashes for certain input files. This issue can allow a malicious actor to trigger a crash of the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gstreamer1-plugins-good: OOB-read in FOURCC_SMI_ parsing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47596"
},
{
"category": "external",
"summary": "RHBZ#2331747",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331747"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47596"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47596",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47596"
},
{
"category": "external",
"summary": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch",
"url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch"
},
{
"category": "external",
"summary": "https://gstreamer.freedesktop.org/security/sa-2024-0015.html",
"url": "https://gstreamer.freedesktop.org/security/sa-2024-0015.html"
},
{
"category": "external",
"summary": "https://securitylab.github.com/advisories/GHSL-2024-244_Gstreamer/",
"url": "https://securitylab.github.com/advisories/GHSL-2024-244_Gstreamer/"
}
],
"release_date": "2024-12-11T19:01:23.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-13T08:36:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7242"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gstreamer1-plugins-good: OOB-read in FOURCC_SMI_ parsing"
},
{
"cve": "CVE-2024-47597",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2024-12-11T20:02:05.307914+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331755"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the GStreamer library. Multiple out-of-bounds reads in the MP4/MOV demuxer\u0027s sample table parsing and a lack of error checking can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gstreamer1-plugins-good: OOB-read in qtdemux_parse_samples",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47597"
},
{
"category": "external",
"summary": "RHBZ#2331755",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331755"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47597",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47597"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47597",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47597"
},
{
"category": "external",
"summary": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch",
"url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch"
},
{
"category": "external",
"summary": "https://gstreamer.freedesktop.org/security/sa-2024-0012.html",
"url": "https://gstreamer.freedesktop.org/security/sa-2024-0012.html"
},
{
"category": "external",
"summary": "https://securitylab.github.com/advisories/GHSL-2024-245_Gstreamer/",
"url": "https://securitylab.github.com/advisories/GHSL-2024-245_Gstreamer/"
}
],
"release_date": "2024-12-11T19:01:50.820000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-13T08:36:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7242"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gstreamer1-plugins-good: OOB-read in qtdemux_parse_samples"
},
{
"cve": "CVE-2024-47598",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2024-12-11T20:02:28.768219+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331761"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the GStreamer library. When handling raw audio tracks, out-of-bounds reads in the MP4/MOV demuxer\u0027s sample table parser can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gstreamer1-plugins-good: OOB-read in qtdemux_merge_sample_table",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47598"
},
{
"category": "external",
"summary": "RHBZ#2331761",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331761"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47598",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47598"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47598",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47598"
},
{
"category": "external",
"summary": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch",
"url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch"
},
{
"category": "external",
"summary": "https://gstreamer.freedesktop.org/security/sa-2024-0006.html",
"url": "https://gstreamer.freedesktop.org/security/sa-2024-0006.html"
},
{
"category": "external",
"summary": "https://securitylab.github.com/advisories/GHSL-2024-246_Gstreamer/",
"url": "https://securitylab.github.com/advisories/GHSL-2024-246_Gstreamer/"
}
],
"release_date": "2024-12-11T19:02:32.029000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-13T08:36:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7242"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gstreamer1-plugins-good: OOB-read in qtdemux_merge_sample_table"
},
{
"cve": "CVE-2024-47599",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-12-11T20:01:34.696203+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331748"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the GStreamer library. Insufficient error handling in the JPEG decoder can lead to NULL-pointer dereferences and cause crashes for certain input files, making it possible for a malicious actor to trigger a crash of the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gstreamer1-plugins-good: insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47599"
},
{
"category": "external",
"summary": "RHBZ#2331748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47599"
},
{
"category": "external",
"summary": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8040.patch",
"url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8040.patch"
},
{
"category": "external",
"summary": "https://gstreamer.freedesktop.org/security/sa-2024-0016.html",
"url": "https://gstreamer.freedesktop.org/security/sa-2024-0016.html"
},
{
"category": "external",
"summary": "https://securitylab.github.com/advisories/GHSL-2024-247_Gstreamer/",
"url": "https://securitylab.github.com/advisories/GHSL-2024-247_Gstreamer/"
}
],
"release_date": "2024-12-11T19:02:52.412000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-13T08:36:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7242"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gstreamer1-plugins-good: insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences"
},
{
"cve": "CVE-2024-47601",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-12-11T20:01:52.496087+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331752"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the GStreamer library. A NULL pointer dereference in the Matroska/WebM demuxer can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gstreamer1-plugins-good: NULL-pointer dereference in Matroska/WebM demuxer",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47601"
},
{
"category": "external",
"summary": "RHBZ#2331752",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331752"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47601"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47601",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47601"
},
{
"category": "external",
"summary": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057.patch",
"url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057.patch"
},
{
"category": "external",
"summary": "https://gstreamer.freedesktop.org/security/sa-2024-0020.html",
"url": "https://gstreamer.freedesktop.org/security/sa-2024-0020.html"
},
{
"category": "external",
"summary": "https://securitylab.github.com/advisories/GHSL-2024-249_Gstreamer/",
"url": "https://securitylab.github.com/advisories/GHSL-2024-249_Gstreamer/"
}
],
"release_date": "2024-12-11T19:03:36.650000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-13T08:36:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7242"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gstreamer1-plugins-good: NULL-pointer dereference in Matroska/WebM demuxer"
},
{
"cve": "CVE-2024-47602",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-12-11T20:02:21.573425+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331759"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the GStreamer library. NULL pointer dereferences and out-of-bounds reads in the Matroska/WebM demuxer can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gstreamer1-plugins-good: NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47602"
},
{
"category": "external",
"summary": "RHBZ#2331759",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331759"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47602"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47602",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47602"
},
{
"category": "external",
"summary": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057.patch",
"url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057.patch"
},
{
"category": "external",
"summary": "https://gstreamer.freedesktop.org/security/sa-2024-0019.html",
"url": "https://gstreamer.freedesktop.org/security/sa-2024-0019.html"
},
{
"category": "external",
"summary": "https://securitylab.github.com/advisories/GHSL-2024-250_Gstreamer/",
"url": "https://securitylab.github.com/advisories/GHSL-2024-250_Gstreamer/"
}
],
"release_date": "2024-12-11T19:10:31.683000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-13T08:36:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7242"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gstreamer1-plugins-good: NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer"
},
{
"cve": "CVE-2024-47603",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-12-11T20:02:32.664783+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331762"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the GStreamer library. A NULL pointer dereference in the Matroska/WebM demuxer can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gstreamer1-plugins-good: NULL-pointer dereference in Matroska/WebM demuxer",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47603"
},
{
"category": "external",
"summary": "RHBZ#2331762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331762"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47603"
},
{
"category": "external",
"summary": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057.patch",
"url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057.patch"
},
{
"category": "external",
"summary": "https://gstreamer.freedesktop.org/security/sa-2024-0021.html",
"url": "https://gstreamer.freedesktop.org/security/sa-2024-0021.html"
},
{
"category": "external",
"summary": "https://securitylab.github.com/advisories/GHSL-2024-251_Gstreamer/",
"url": "https://securitylab.github.com/advisories/GHSL-2024-251_Gstreamer/"
}
],
"release_date": "2024-12-11T19:11:51.382000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-13T08:36:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7242"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gstreamer1-plugins-good: NULL-pointer dereference in Matroska/WebM demuxer"
},
{
"cve": "CVE-2024-47774",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2024-12-11T20:00:59.225323+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331739"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the GStreamer library. An out-of-bounds read in the gst_avi_subtitle_parse_gab2_chunk function can cause crashes for certain input files, potentially allowing a malicious third party to trigger an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gstreamer1-plugins-good: GStreamer has an OOB-read in gst_avi_subtitle_parse_gab2_chunk",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47774"
},
{
"category": "external",
"summary": "RHBZ#2331739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331739"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47774",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47774"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47774",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47774"
},
{
"category": "external",
"summary": "https://github.com/github/securitylab-vulnerabilities/issues/1826",
"url": "https://github.com/github/securitylab-vulnerabilities/issues/1826"
},
{
"category": "external",
"summary": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8043.patch",
"url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8043.patch"
},
{
"category": "external",
"summary": "https://securitylab.github.com/advisories/GHSL-2024-262_Gstreamer/",
"url": "https://securitylab.github.com/advisories/GHSL-2024-262_Gstreamer/"
}
],
"release_date": "2024-12-11T19:15:18.259000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-13T08:36:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7242"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gstreamer1-plugins-good: GStreamer has an OOB-read in gst_avi_subtitle_parse_gab2_chunk"
},
{
"cve": "CVE-2024-47775",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2024-12-11T20:01:18.849608+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331744"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the GStreamer library. Various out-of-bounds reads in the WAV parser can cause crashes for certain input files, making it possible for a malicious actor to trigger a crash of the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gstreamer1-plugins-good: OOB-read in parse_ds64",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47775"
},
{
"category": "external",
"summary": "RHBZ#2331744",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331744"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47775"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47775",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47775"
},
{
"category": "external",
"summary": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch",
"url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch"
},
{
"category": "external",
"summary": "https://gstreamer.freedesktop.org/security/sa-2024-0027.html",
"url": "https://gstreamer.freedesktop.org/security/sa-2024-0027.html"
},
{
"category": "external",
"summary": "https://securitylab.github.com/advisories/GHSL-2024-261_Gstreamer/",
"url": "https://securitylab.github.com/advisories/GHSL-2024-261_Gstreamer/"
}
],
"release_date": "2024-12-11T19:15:44.607000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-13T08:36:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7242"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gstreamer1-plugins-good: OOB-read in parse_ds64"
},
{
"cve": "CVE-2024-47776",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2024-12-11T20:01:43.508443+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331750"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the GStreamer library. Various out-of-bounds reads in the WAV parser can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gstreamer1-plugins-good: OOB-read in gst_wavparse_cue_chunk",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47776"
},
{
"category": "external",
"summary": "RHBZ#2331750",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331750"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47776",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47776"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47776",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47776"
},
{
"category": "external",
"summary": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch",
"url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch"
},
{
"category": "external",
"summary": "https://gstreamer.freedesktop.org/security/sa-2024-0027.html",
"url": "https://gstreamer.freedesktop.org/security/sa-2024-0027.html"
},
{
"category": "external",
"summary": "https://securitylab.github.com/advisories/GHSL-2024-260_Gstreamer/",
"url": "https://securitylab.github.com/advisories/GHSL-2024-260_Gstreamer/"
}
],
"release_date": "2024-12-11T19:16:04.573000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-13T08:36:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7242"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gstreamer1-plugins-good: OOB-read in gst_wavparse_cue_chunk"
},
{
"cve": "CVE-2024-47777",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2024-12-11T20:01:07.868488+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331741"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the GStreamer library. Various out-of-bounds reads in the WAV parser can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gstreamer1-plugins-good: OOB-read in gst_wavparse_smpl_chunk",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47777"
},
{
"category": "external",
"summary": "RHBZ#2331741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331741"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47777",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47777"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47777",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47777"
},
{
"category": "external",
"summary": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch",
"url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch"
},
{
"category": "external",
"summary": "https://gstreamer.freedesktop.org/security/sa-2024-0027.html",
"url": "https://gstreamer.freedesktop.org/security/sa-2024-0027.html"
},
{
"category": "external",
"summary": "https://securitylab.github.com/advisories/GHSL-2024-259_Gstreamer/",
"url": "https://securitylab.github.com/advisories/GHSL-2024-259_Gstreamer/"
}
],
"release_date": "2024-12-11T19:16:33.169000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-13T08:36:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7242"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gstreamer1-plugins-good: OOB-read in gst_wavparse_smpl_chunk"
},
{
"cve": "CVE-2024-47778",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2024-12-11T20:01:15.497737+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331743"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the GStreamer library. Various out-of-bounds reads in the WAV parser can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gstreamer1-plugins-good: OOB-read in gst_wavparse_adtl_chunk",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47778"
},
{
"category": "external",
"summary": "RHBZ#2331743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47778",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47778"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47778",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47778"
},
{
"category": "external",
"summary": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch",
"url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch"
},
{
"category": "external",
"summary": "https://gstreamer.freedesktop.org/security/sa-2024-0027.html",
"url": "https://gstreamer.freedesktop.org/security/sa-2024-0027.html"
},
{
"category": "external",
"summary": "https://securitylab.github.com/advisories/GHSL-2024-258_Gstreamer/",
"url": "https://securitylab.github.com/advisories/GHSL-2024-258_Gstreamer/"
}
],
"release_date": "2024-12-11T19:16:58.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-13T08:36:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7242"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gstreamer1-plugins-good: OOB-read in gst_wavparse_adtl_chunk"
},
{
"cve": "CVE-2024-47834",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2024-12-11T20:01:39.432741+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331749"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the GStreamer library. A use-after-free in the Matroska demuxer can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gstreamer1-plugins-good: Use-After-Free read in Matroska CodecPrivate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47834"
},
{
"category": "external",
"summary": "RHBZ#2331749",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331749"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47834"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47834",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47834"
},
{
"category": "external",
"summary": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057.patch",
"url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057.patch"
},
{
"category": "external",
"summary": "https://gstreamer.freedesktop.org/security/sa-2024-0030.html",
"url": "https://gstreamer.freedesktop.org/security/sa-2024-0030.html"
},
{
"category": "external",
"summary": "https://securitylab.github.com/advisories/GHSL-2024-280_Gstreamer/",
"url": "https://securitylab.github.com/advisories/GHSL-2024-280_Gstreamer/"
}
],
"release_date": "2024-12-11T19:18:04.069000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-13T08:36:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7242"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.src",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-debugsource-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-gtk-debuginfo-0:1.22.12-4.el9.x86_64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.aarch64",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.i686",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.ppc64le",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.s390x",
"AppStream-9.6.0.GA:gstreamer1-plugins-good-qt-debuginfo-0:1.22.12-4.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gstreamer1-plugins-good: Use-After-Free read in Matroska CodecPrivate"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…