Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-sw1k-355a-xfe8

Summary Multiple vulnerabilities have been found in GStreamer and its plugins, the worst of which could result in arbitrary code execution.

Aliases

alias	CVE-2021-3185

Fixed_packages

url	pkg:alpm/archlinux/gst-plugins-bad@1.18.0%2B54%2Bgbd3532008-1
purl	pkg:alpm/archlinux/gst-plugins-bad@1.18.0%2B54%2Bgbd3532008-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gst-plugins-bad@1.18.0%252B54%252Bgbd3532008-1

url pkg:deb/debian/gst-plugins-bad1.0@1.14.4-1%2Bdeb10u2

purl pkg:deb/debian/gst-plugins-bad1.0@1.14.4-1%2Bdeb10u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3cy1-fzbf-xfgn

vulnerability	VCID-7w2v-896g-aqec

vulnerability	VCID-bq91-aydj-cfcy

vulnerability	VCID-fbbn-5y2w-7fdk

vulnerability	VCID-mk3b-hbpx-7bhy

vulnerability	VCID-mp8d-mf52-wkhg

vulnerability	VCID-n3c5-8bp9-qba6

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-s5qr-h24a-affm

vulnerability	VCID-sw1k-355a-xfe8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-bad1.0@1.14.4-1%252Bdeb10u2

url	pkg:deb/debian/gst-plugins-bad1.0@1.18.1-1?distro=trixie
purl	pkg:deb/debian/gst-plugins-bad1.0@1.18.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-bad1.0@1.18.1-1%3Fdistro=trixie

url pkg:deb/debian/gst-plugins-bad1.0@1.18.4-3%2Bdeb11u4

purl pkg:deb/debian/gst-plugins-bad1.0@1.18.4-3%2Bdeb11u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3cy1-fzbf-xfgn

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-bad1.0@1.18.4-3%252Bdeb11u4

url pkg:deb/debian/gst-plugins-bad1.0@1.18.4-3%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/gst-plugins-bad1.0@1.18.4-3%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-bad1.0@1.18.4-3%252Bdeb11u4%3Fdistro=trixie

url	pkg:deb/debian/gst-plugins-bad1.0@1.22.0-4%2Bdeb12u6?distro=trixie
purl	pkg:deb/debian/gst-plugins-bad1.0@1.22.0-4%2Bdeb12u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-bad1.0@1.22.0-4%252Bdeb12u6%3Fdistro=trixie

url	pkg:deb/debian/gst-plugins-bad1.0@1.26.2-3?distro=trixie
purl	pkg:deb/debian/gst-plugins-bad1.0@1.26.2-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-bad1.0@1.26.2-3%3Fdistro=trixie

url	pkg:deb/debian/gst-plugins-bad1.0@1.28.1-2?distro=trixie
purl	pkg:deb/debian/gst-plugins-bad1.0@1.28.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-bad1.0@1.28.1-2%3Fdistro=trixie

url	pkg:deb/debian/gst-plugins-bad1.0@1.28.1-3?distro=trixie
purl	pkg:deb/debian/gst-plugins-bad1.0@1.28.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-bad1.0@1.28.1-3%3Fdistro=trixie

url	pkg:deb/debian/gst-plugins-bad1.0@1.28.2-1?distro=trixie
purl	pkg:deb/debian/gst-plugins-bad1.0@1.28.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-bad1.0@1.28.2-1%3Fdistro=trixie

url	pkg:ebuild/media-libs/gst-plugins-bad@1.16.3
purl	pkg:ebuild/media-libs/gst-plugins-bad@1.16.3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/gst-plugins-bad@1.16.3

url	pkg:ebuild/media-libs/gst-plugins-base@1.16.3
purl	pkg:ebuild/media-libs/gst-plugins-base@1.16.3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/gst-plugins-base@1.16.3

url	pkg:ebuild/media-libs/gst-plugins-base@1.18.4
purl	pkg:ebuild/media-libs/gst-plugins-base@1.18.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/gst-plugins-base@1.18.4

url	pkg:ebuild/media-libs/gst-plugins-good@1.16.3
purl	pkg:ebuild/media-libs/gst-plugins-good@1.16.3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/gst-plugins-good@1.16.3

url	pkg:ebuild/media-libs/gst-plugins-good@1.18.4
purl	pkg:ebuild/media-libs/gst-plugins-good@1.18.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/gst-plugins-good@1.18.4

url	pkg:ebuild/media-libs/gst-plugins-ugly@1.16.3
purl	pkg:ebuild/media-libs/gst-plugins-ugly@1.16.3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/gst-plugins-ugly@1.16.3

url	pkg:ebuild/media-libs/gst-plugins-ugly@1.18.4
purl	pkg:ebuild/media-libs/gst-plugins-ugly@1.18.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/gst-plugins-ugly@1.18.4

url	pkg:ebuild/media-libs/gstreamer@1.16.3
purl	pkg:ebuild/media-libs/gstreamer@1.16.3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/gstreamer@1.16.3

url	pkg:ebuild/media-libs/gstreamer@1.18.4
purl	pkg:ebuild/media-libs/gstreamer@1.18.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/gstreamer@1.18.4

url	pkg:ebuild/media-libs/gstreamer@1.20.2
purl	pkg:ebuild/media-libs/gstreamer@1.20.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/gstreamer@1.20.2

url	pkg:ebuild/media-plugins/gst-plugins-libav@1.16.3
purl	pkg:ebuild/media-plugins/gst-plugins-libav@1.16.3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-plugins/gst-plugins-libav@1.16.3

url	pkg:ebuild/media-plugins/gst-plugins-libav@1.18.4
purl	pkg:ebuild/media-plugins/gst-plugins-libav@1.18.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-plugins/gst-plugins-libav@1.18.4

url	pkg:ebuild/media-plugins/gst-plugins-libav@1.20.2
purl	pkg:ebuild/media-plugins/gst-plugins-libav@1.20.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-plugins/gst-plugins-libav@1.20.2

Affected_packages

url pkg:alpm/archlinux/gst-plugins-bad@1.18.0-2

purl pkg:alpm/archlinux/gst-plugins-bad@1.18.0-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-sw1k-355a-xfe8

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gst-plugins-bad@1.18.0-2

url pkg:deb/debian/gst-plugins-bad1.0@1.0.8-1~bpo70%2B1

purl pkg:deb/debian/gst-plugins-bad1.0@1.0.8-1~bpo70%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1fpa-vyzr-7khc

vulnerability	VCID-1pn1-qk99-jkaj

vulnerability	VCID-3cy1-fzbf-xfgn

vulnerability	VCID-55zx-9zp8-d7ce

vulnerability	VCID-646n-bbd9-rfak

vulnerability	VCID-67ga-bujk-n7f8

vulnerability	VCID-7w2v-896g-aqec

vulnerability	VCID-8v4c-jsxq-yfdq

vulnerability	VCID-aj4h-u1er-7faf

vulnerability	VCID-bq91-aydj-cfcy

vulnerability	VCID-fbbn-5y2w-7fdk

vulnerability	VCID-mk3b-hbpx-7bhy

vulnerability	VCID-mp8d-mf52-wkhg

vulnerability	VCID-n3c5-8bp9-qba6

vulnerability	VCID-nu6q-wxgm-w7fj

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-qync-5kha-4bgu

vulnerability	VCID-s5qr-h24a-affm

vulnerability	VCID-sw1k-355a-xfe8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-bad1.0@1.0.8-1~bpo70%252B1

url pkg:deb/debian/gst-plugins-bad1.0@1.2.4-1~bpo70%2B1

purl pkg:deb/debian/gst-plugins-bad1.0@1.2.4-1~bpo70%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1fpa-vyzr-7khc

vulnerability	VCID-1pn1-qk99-jkaj

vulnerability	VCID-3cy1-fzbf-xfgn

vulnerability	VCID-55zx-9zp8-d7ce

vulnerability	VCID-646n-bbd9-rfak

vulnerability	VCID-67ga-bujk-n7f8

vulnerability	VCID-7w2v-896g-aqec

vulnerability	VCID-8v4c-jsxq-yfdq

vulnerability	VCID-aj4h-u1er-7faf

vulnerability	VCID-bq91-aydj-cfcy

vulnerability	VCID-fbbn-5y2w-7fdk

vulnerability	VCID-mk3b-hbpx-7bhy

vulnerability	VCID-mp8d-mf52-wkhg

vulnerability	VCID-n3c5-8bp9-qba6

vulnerability	VCID-nu6q-wxgm-w7fj

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-qync-5kha-4bgu

vulnerability	VCID-s5qr-h24a-affm

vulnerability	VCID-sw1k-355a-xfe8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-bad1.0@1.2.4-1~bpo70%252B1

url pkg:deb/debian/gst-plugins-bad1.0@1.4.4-2.1

purl pkg:deb/debian/gst-plugins-bad1.0@1.4.4-2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1fpa-vyzr-7khc

vulnerability	VCID-1pn1-qk99-jkaj

vulnerability	VCID-3cy1-fzbf-xfgn

vulnerability	VCID-55zx-9zp8-d7ce

vulnerability	VCID-646n-bbd9-rfak

vulnerability	VCID-67ga-bujk-n7f8

vulnerability	VCID-7w2v-896g-aqec

vulnerability	VCID-8v4c-jsxq-yfdq

vulnerability	VCID-aj4h-u1er-7faf

vulnerability	VCID-bq91-aydj-cfcy

vulnerability	VCID-fbbn-5y2w-7fdk

vulnerability	VCID-mk3b-hbpx-7bhy

vulnerability	VCID-mp8d-mf52-wkhg

vulnerability	VCID-n3c5-8bp9-qba6

vulnerability	VCID-nu6q-wxgm-w7fj

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-qync-5kha-4bgu

vulnerability	VCID-s5qr-h24a-affm

vulnerability	VCID-sw1k-355a-xfe8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-bad1.0@1.4.4-2.1

url pkg:deb/debian/gst-plugins-bad1.0@1.4.4-2.1%2Bdeb8u2

purl pkg:deb/debian/gst-plugins-bad1.0@1.4.4-2.1%2Bdeb8u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1fpa-vyzr-7khc

vulnerability	VCID-1pn1-qk99-jkaj

vulnerability	VCID-3cy1-fzbf-xfgn

vulnerability	VCID-55zx-9zp8-d7ce

vulnerability	VCID-646n-bbd9-rfak

vulnerability	VCID-67ga-bujk-n7f8

vulnerability	VCID-7w2v-896g-aqec

vulnerability	VCID-8v4c-jsxq-yfdq

vulnerability	VCID-aj4h-u1er-7faf

vulnerability	VCID-bq91-aydj-cfcy

vulnerability	VCID-fbbn-5y2w-7fdk

vulnerability	VCID-mk3b-hbpx-7bhy

vulnerability	VCID-mp8d-mf52-wkhg

vulnerability	VCID-n3c5-8bp9-qba6

vulnerability	VCID-nu6q-wxgm-w7fj

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-qync-5kha-4bgu

vulnerability	VCID-s5qr-h24a-affm

vulnerability	VCID-sw1k-355a-xfe8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-bad1.0@1.4.4-2.1%252Bdeb8u2

url pkg:deb/debian/gst-plugins-bad1.0@1.10.4-1

purl pkg:deb/debian/gst-plugins-bad1.0@1.10.4-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1pn1-qk99-jkaj

vulnerability	VCID-3cy1-fzbf-xfgn

vulnerability	VCID-7w2v-896g-aqec

vulnerability	VCID-bq91-aydj-cfcy

vulnerability	VCID-fbbn-5y2w-7fdk

vulnerability	VCID-mk3b-hbpx-7bhy

vulnerability	VCID-mp8d-mf52-wkhg

vulnerability	VCID-n3c5-8bp9-qba6

vulnerability	VCID-nu6q-wxgm-w7fj

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-s5qr-h24a-affm

vulnerability	VCID-sw1k-355a-xfe8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-bad1.0@1.10.4-1

url pkg:deb/debian/gst-plugins-bad1.0@1.14.4-1%2Bdeb10u2

purl pkg:deb/debian/gst-plugins-bad1.0@1.14.4-1%2Bdeb10u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3cy1-fzbf-xfgn

vulnerability	VCID-7w2v-896g-aqec

vulnerability	VCID-bq91-aydj-cfcy

vulnerability	VCID-fbbn-5y2w-7fdk

vulnerability	VCID-mk3b-hbpx-7bhy

vulnerability	VCID-mp8d-mf52-wkhg

vulnerability	VCID-n3c5-8bp9-qba6

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-s5qr-h24a-affm

vulnerability	VCID-sw1k-355a-xfe8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-bad1.0@1.14.4-1%252Bdeb10u2

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3185.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3185.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3185

reference_id

reference_type

scores

value	0.00668
scoring_system	epss
scoring_elements	0.7124
published_at	2026-04-01T12:55:00Z

value	0.00668
scoring_system	epss
scoring_elements	0.71282
published_at	2026-04-08T12:55:00Z

value	0.00668
scoring_system	epss
scoring_elements	0.71249
published_at	2026-04-02T12:55:00Z

value	0.00668
scoring_system	epss
scoring_elements	0.71266
published_at	2026-04-04T12:55:00Z

value	0.00668
scoring_system	epss
scoring_elements	0.71241
published_at	2026-04-07T12:55:00Z

value	0.00668
scoring_system	epss
scoring_elements	0.71296
published_at	2026-04-09T12:55:00Z

value	0.00668
scoring_system	epss
scoring_elements	0.71319
published_at	2026-04-11T12:55:00Z

value	0.00668
scoring_system	epss
scoring_elements	0.71303
published_at	2026-04-12T12:55:00Z

value	0.0074
scoring_system	epss
scoring_elements	0.7296
published_at	2026-04-18T12:55:00Z

value	0.0074
scoring_system	epss
scoring_elements	0.72953
published_at	2026-04-21T12:55:00Z

value	0.0074
scoring_system	epss
scoring_elements	0.72909
published_at	2026-04-13T12:55:00Z

value	0.0074
scoring_system	epss
scoring_elements	0.72951
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3185

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3185
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3185

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1917192
reference_id	1917192
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1917192

reference_url

https://security.archlinux.org/AVG-1484

reference_id

AVG-1484

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1484

reference_url	https://security.gentoo.org/glsa/202208-31
reference_id	GLSA-202208-31
reference_type
scores
url	https://security.gentoo.org/glsa/202208-31

Weaknesses

cwe_id	120
name	Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
description	The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

cwe_id	121
name	Stack-based Buffer Overflow
description	A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Exploits

Severity_range_score 4.0 - 7.3

Exploitability 0.5

Weighted_severity 6.6

Risk_score 3.3

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sw1k-355a-xfe8

Vulnerability Instance