gstreamer-plugins-bad (SUSE:Linux Enterprise Software Development Kit 12 SP2) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Software Development Kit 12 SP2 package gstreamer-plugins-bad, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2016-9809 — CVSS 7.8 (high): Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via…
CVE-2016-9446 — CVSS 7.5 (high): The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as…
CVE-2016-9445 — CVSS 7.5 (high): Integer overflow in the vmnc decoder in the gstreamer allows remote attackers to cause a denial of service (crash) via large width and…
CVE-2016-9812 — CVSS 7.5 (high): The gst_mpegts_section_new function in the mpegts decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service…
CVE-2017-5848 — CVSS 7.5 (high): The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers to cause a…
CVE-2017-5843 — CVSS 7.5 (high): Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_update_essence_track…
CVE-2016-9813 — CVSS 5.5 (medium): The _parse_pat function in the mpegts parser in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (NULL pointer…