INFSA-2024:3089: gstreamer1-plugins-good security update
Information about definition
Identificator: INFSA-2024:3089
Type: security
Release date: 2024-08-23 18:54:25 UTC
Information about package
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license.
Vulnerabilities description
- CVE-2023-37327
A heap-based buffer overflow vulnerability was found in the FLAC parser in GStreamer. This issue occurs when processing malformed image tags, which could allow a malicious third party to induce a crash in the application and potentially execute code by manipulating the heap.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2023-37327
|
no information | 5.5 | no information |
Updated packages