Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-qprd-2m5u-bbe7

Summary GStreamer: GStreamer: Arbitrary code execution via ASF file processing

Aliases

alias	CVE-2026-2920

Fixed_packages

url	pkg:deb/debian/gst-plugins-ugly1.0@1.18.4-2%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/gst-plugins-ugly1.0@1.18.4-2%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.18.4-2%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/gst-plugins-ugly1.0@1.18.4-2%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/gst-plugins-ugly1.0@1.18.4-2%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.18.4-2%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/gst-plugins-ugly1.0@1.22.0-2%2Bdeb12u1
purl	pkg:deb/debian/gst-plugins-ugly1.0@1.22.0-2%2Bdeb12u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.22.0-2%252Bdeb12u1

url	pkg:deb/debian/gst-plugins-ugly1.0@1.22.0-2%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/gst-plugins-ugly1.0@1.22.0-2%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.22.0-2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/gst-plugins-ugly1.0@1.22.0-2%2Bdeb12u2?distro=trixie
purl	pkg:deb/debian/gst-plugins-ugly1.0@1.22.0-2%2Bdeb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.22.0-2%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/gst-plugins-ugly1.0@1.26.3-4?distro=trixie
purl	pkg:deb/debian/gst-plugins-ugly1.0@1.26.3-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.26.3-4%3Fdistro=trixie

url	pkg:deb/debian/gst-plugins-ugly1.0@1.26.3-4%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/gst-plugins-ugly1.0@1.26.3-4%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.26.3-4%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/gst-plugins-ugly1.0@1.28.1-1?distro=trixie
purl	pkg:deb/debian/gst-plugins-ugly1.0@1.28.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.28.1-1%3Fdistro=trixie

url	pkg:deb/debian/gst-plugins-ugly1.0@1.28.2-1?distro=trixie
purl	pkg:deb/debian/gst-plugins-ugly1.0@1.28.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.28.2-1%3Fdistro=trixie

Affected_packages

url pkg:deb/debian/gst-plugins-ugly1.0@1.2.4-1~bpo70%2B1

purl pkg:deb/debian/gst-plugins-ugly1.0@1.2.4-1~bpo70%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1352-tnq5-ufay

vulnerability	VCID-1ehd-9wvy-cyee

vulnerability	VCID-fha5-vkks-dfbd

vulnerability	VCID-fkgk-c6h7-ubgh

vulnerability	VCID-nw6x-t3ay-mbgn

vulnerability	VCID-qprd-2m5u-bbe7

vulnerability	VCID-yrqz-bhfv-xkeq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.2.4-1~bpo70%252B1

url pkg:deb/debian/gst-plugins-ugly1.0@1.4.4-2

purl pkg:deb/debian/gst-plugins-ugly1.0@1.4.4-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1352-tnq5-ufay

vulnerability	VCID-1ehd-9wvy-cyee

vulnerability	VCID-fha5-vkks-dfbd

vulnerability	VCID-fkgk-c6h7-ubgh

vulnerability	VCID-nw6x-t3ay-mbgn

vulnerability	VCID-qprd-2m5u-bbe7

vulnerability	VCID-yrqz-bhfv-xkeq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.4.4-2

url pkg:deb/debian/gst-plugins-ugly1.0@1.4.4-2%2Bdeb8u1

purl pkg:deb/debian/gst-plugins-ugly1.0@1.4.4-2%2Bdeb8u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1352-tnq5-ufay

vulnerability	VCID-1ehd-9wvy-cyee

vulnerability	VCID-fha5-vkks-dfbd

vulnerability	VCID-fkgk-c6h7-ubgh

vulnerability	VCID-nw6x-t3ay-mbgn

vulnerability	VCID-qprd-2m5u-bbe7

vulnerability	VCID-yrqz-bhfv-xkeq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.4.4-2%252Bdeb8u1

url pkg:deb/debian/gst-plugins-ugly1.0@1.10.4-1

purl pkg:deb/debian/gst-plugins-ugly1.0@1.10.4-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1352-tnq5-ufay

vulnerability	VCID-1ehd-9wvy-cyee

vulnerability	VCID-fha5-vkks-dfbd

vulnerability	VCID-fkgk-c6h7-ubgh

vulnerability	VCID-qprd-2m5u-bbe7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.10.4-1

url pkg:deb/debian/gst-plugins-ugly1.0@1.14.4-1%2Bdeb10u1

purl pkg:deb/debian/gst-plugins-ugly1.0@1.14.4-1%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1352-tnq5-ufay

vulnerability	VCID-fha5-vkks-dfbd

vulnerability	VCID-fkgk-c6h7-ubgh

vulnerability	VCID-qprd-2m5u-bbe7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.14.4-1%252Bdeb10u1

url pkg:deb/debian/gst-plugins-ugly1.0@1.18.4-2%2Bdeb11u1

purl pkg:deb/debian/gst-plugins-ugly1.0@1.18.4-2%2Bdeb11u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fkgk-c6h7-ubgh

vulnerability	VCID-qprd-2m5u-bbe7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-ugly1.0@1.18.4-2%252Bdeb11u1

url pkg:rpm/redhat/gstreamer1-plugins-bad-free@1.16.1-6?arch=el8_10

purl pkg:rpm/redhat/gstreamer1-plugins-bad-free@1.16.1-6?arch=el8_10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4ka2-hbcv-8uh2

vulnerability	VCID-a2rd-ntzd-2kdr

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-qprd-2m5u-bbe7

vulnerability	VCID-upbh-pvqc-4ubn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gstreamer1-plugins-bad-free@1.16.1-6%3Farch=el8_10

url pkg:rpm/redhat/gstreamer1-plugins-bad-free@1.22.12-5?arch=el9_7

purl pkg:rpm/redhat/gstreamer1-plugins-bad-free@1.22.12-5?arch=el9_7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4ka2-hbcv-8uh2

vulnerability	VCID-a2rd-ntzd-2kdr

vulnerability	VCID-fkgk-c6h7-ubgh

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-qprd-2m5u-bbe7

vulnerability	VCID-upbh-pvqc-4ubn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gstreamer1-plugins-bad-free@1.22.12-5%3Farch=el9_7

url pkg:rpm/redhat/gstreamer1-plugins-bad-free@1.22.12-5?arch=el9_6

purl pkg:rpm/redhat/gstreamer1-plugins-bad-free@1.22.12-5?arch=el9_6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4ka2-hbcv-8uh2

vulnerability	VCID-a2rd-ntzd-2kdr

vulnerability	VCID-fkgk-c6h7-ubgh

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-qprd-2m5u-bbe7

vulnerability	VCID-upbh-pvqc-4ubn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gstreamer1-plugins-bad-free@1.22.12-5%3Farch=el9_6

url pkg:rpm/redhat/gstreamer1-plugins-bad-free@1.24.11-3?arch=el10_1

purl pkg:rpm/redhat/gstreamer1-plugins-bad-free@1.24.11-3?arch=el10_1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4ka2-hbcv-8uh2

vulnerability	VCID-a2rd-ntzd-2kdr

vulnerability	VCID-fkgk-c6h7-ubgh

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-qprd-2m5u-bbe7

vulnerability	VCID-upbh-pvqc-4ubn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gstreamer1-plugins-bad-free@1.24.11-3%3Farch=el10_1

url pkg:rpm/redhat/gstreamer1-plugins-bad-free@1.24.11-3?arch=el10_0

purl pkg:rpm/redhat/gstreamer1-plugins-bad-free@1.24.11-3?arch=el10_0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4ka2-hbcv-8uh2

vulnerability	VCID-a2rd-ntzd-2kdr

vulnerability	VCID-fkgk-c6h7-ubgh

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-qprd-2m5u-bbe7

vulnerability	VCID-upbh-pvqc-4ubn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gstreamer1-plugins-bad-free@1.24.11-3%3Farch=el10_0

url pkg:rpm/redhat/gstreamer1-plugins-base@1.16.1-6?arch=el8_10

purl pkg:rpm/redhat/gstreamer1-plugins-base@1.16.1-6?arch=el8_10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4ka2-hbcv-8uh2

vulnerability	VCID-a2rd-ntzd-2kdr

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-qprd-2m5u-bbe7

vulnerability	VCID-upbh-pvqc-4ubn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gstreamer1-plugins-base@1.16.1-6%3Farch=el8_10

url pkg:rpm/redhat/gstreamer1-plugins-base@1.22.12-5?arch=el9_7

purl pkg:rpm/redhat/gstreamer1-plugins-base@1.22.12-5?arch=el9_7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4ka2-hbcv-8uh2

vulnerability	VCID-a2rd-ntzd-2kdr

vulnerability	VCID-fkgk-c6h7-ubgh

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-qprd-2m5u-bbe7

vulnerability	VCID-upbh-pvqc-4ubn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gstreamer1-plugins-base@1.22.12-5%3Farch=el9_7

url pkg:rpm/redhat/gstreamer1-plugins-base@1.22.12-5?arch=el9_6

purl pkg:rpm/redhat/gstreamer1-plugins-base@1.22.12-5?arch=el9_6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4ka2-hbcv-8uh2

vulnerability	VCID-a2rd-ntzd-2kdr

vulnerability	VCID-fkgk-c6h7-ubgh

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-qprd-2m5u-bbe7

vulnerability	VCID-upbh-pvqc-4ubn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gstreamer1-plugins-base@1.22.12-5%3Farch=el9_6

url pkg:rpm/redhat/gstreamer1-plugins-base@1.24.11-1.el10_0?arch=1

purl pkg:rpm/redhat/gstreamer1-plugins-base@1.24.11-1.el10_0?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4ka2-hbcv-8uh2

vulnerability	VCID-a2rd-ntzd-2kdr

vulnerability	VCID-fkgk-c6h7-ubgh

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-qprd-2m5u-bbe7

vulnerability	VCID-upbh-pvqc-4ubn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gstreamer1-plugins-base@1.24.11-1.el10_0%3Farch=1

url pkg:rpm/redhat/gstreamer1-plugins-base@1.24.11-2?arch=el10_1

purl pkg:rpm/redhat/gstreamer1-plugins-base@1.24.11-2?arch=el10_1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4ka2-hbcv-8uh2

vulnerability	VCID-a2rd-ntzd-2kdr

vulnerability	VCID-fkgk-c6h7-ubgh

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-qprd-2m5u-bbe7

vulnerability	VCID-upbh-pvqc-4ubn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gstreamer1-plugins-base@1.24.11-2%3Farch=el10_1

url pkg:rpm/redhat/gstreamer1-plugins-good@1.16.1-6?arch=el8_10

purl pkg:rpm/redhat/gstreamer1-plugins-good@1.16.1-6?arch=el8_10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4ka2-hbcv-8uh2

vulnerability	VCID-a2rd-ntzd-2kdr

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-qprd-2m5u-bbe7

vulnerability	VCID-upbh-pvqc-4ubn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gstreamer1-plugins-good@1.16.1-6%3Farch=el8_10

url pkg:rpm/redhat/gstreamer1-plugins-good@1.22.12-5?arch=el9_7

purl pkg:rpm/redhat/gstreamer1-plugins-good@1.22.12-5?arch=el9_7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4ka2-hbcv-8uh2

vulnerability	VCID-a2rd-ntzd-2kdr

vulnerability	VCID-fkgk-c6h7-ubgh

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-qprd-2m5u-bbe7

vulnerability	VCID-upbh-pvqc-4ubn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gstreamer1-plugins-good@1.22.12-5%3Farch=el9_7

url pkg:rpm/redhat/gstreamer1-plugins-good@1.22.12-5?arch=el9_6

purl pkg:rpm/redhat/gstreamer1-plugins-good@1.22.12-5?arch=el9_6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4ka2-hbcv-8uh2

vulnerability	VCID-a2rd-ntzd-2kdr

vulnerability	VCID-fkgk-c6h7-ubgh

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-qprd-2m5u-bbe7

vulnerability	VCID-upbh-pvqc-4ubn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gstreamer1-plugins-good@1.22.12-5%3Farch=el9_6

url pkg:rpm/redhat/gstreamer1-plugins-good@1.24.11-1.el10_0?arch=2

purl pkg:rpm/redhat/gstreamer1-plugins-good@1.24.11-1.el10_0?arch=2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4ka2-hbcv-8uh2

vulnerability	VCID-a2rd-ntzd-2kdr

vulnerability	VCID-fkgk-c6h7-ubgh

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-qprd-2m5u-bbe7

vulnerability	VCID-upbh-pvqc-4ubn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gstreamer1-plugins-good@1.24.11-1.el10_0%3Farch=2

url pkg:rpm/redhat/gstreamer1-plugins-good@1.24.11-2?arch=el10_1

purl pkg:rpm/redhat/gstreamer1-plugins-good@1.24.11-2?arch=el10_1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4ka2-hbcv-8uh2

vulnerability	VCID-a2rd-ntzd-2kdr

vulnerability	VCID-fkgk-c6h7-ubgh

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-qprd-2m5u-bbe7

vulnerability	VCID-upbh-pvqc-4ubn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gstreamer1-plugins-good@1.24.11-2%3Farch=el10_1

url pkg:rpm/redhat/gstreamer1-plugins-ugly-free@1.22.12-4?arch=el9_7

purl pkg:rpm/redhat/gstreamer1-plugins-ugly-free@1.22.12-4?arch=el9_7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4ka2-hbcv-8uh2

vulnerability	VCID-a2rd-ntzd-2kdr

vulnerability	VCID-fkgk-c6h7-ubgh

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-qprd-2m5u-bbe7

vulnerability	VCID-upbh-pvqc-4ubn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gstreamer1-plugins-ugly-free@1.22.12-4%3Farch=el9_7

url pkg:rpm/redhat/gstreamer1-plugins-ugly-free@1.22.12-4?arch=el9_6

purl pkg:rpm/redhat/gstreamer1-plugins-ugly-free@1.22.12-4?arch=el9_6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4ka2-hbcv-8uh2

vulnerability	VCID-a2rd-ntzd-2kdr

vulnerability	VCID-fkgk-c6h7-ubgh

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-qprd-2m5u-bbe7

vulnerability	VCID-upbh-pvqc-4ubn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gstreamer1-plugins-ugly-free@1.22.12-4%3Farch=el9_6

url pkg:rpm/redhat/gstreamer1-plugins-ugly-free@1.24.11-1.el10_0?arch=1

purl pkg:rpm/redhat/gstreamer1-plugins-ugly-free@1.24.11-1.el10_0?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4ka2-hbcv-8uh2

vulnerability	VCID-a2rd-ntzd-2kdr

vulnerability	VCID-fkgk-c6h7-ubgh

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-qprd-2m5u-bbe7

vulnerability	VCID-upbh-pvqc-4ubn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gstreamer1-plugins-ugly-free@1.24.11-1.el10_0%3Farch=1

url pkg:rpm/redhat/gstreamer1-plugins-ugly-free@1.24.11-2?arch=el10_1

purl pkg:rpm/redhat/gstreamer1-plugins-ugly-free@1.24.11-2?arch=el10_1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4ka2-hbcv-8uh2

vulnerability	VCID-a2rd-ntzd-2kdr

vulnerability	VCID-fkgk-c6h7-ubgh

vulnerability	VCID-q56p-kvy2-23af

vulnerability	VCID-qghh-5fn5-8bds

vulnerability	VCID-qprd-2m5u-bbe7

vulnerability	VCID-upbh-pvqc-4ubn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gstreamer1-plugins-ugly-free@1.24.11-2%3Farch=el10_1

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2920.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2920.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-2920

reference_id

reference_type

scores

value	0.00062
scoring_system	epss
scoring_elements	0.19578
published_at	2026-04-02T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.19345
published_at	2026-04-07T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.19624
published_at	2026-04-04T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.19423
published_at	2026-04-08T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.19474
published_at	2026-04-09T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.19478
published_at	2026-04-11T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.19431
published_at	2026-04-12T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.19373
published_at	2026-04-13T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20903
published_at	2026-04-16T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20886
published_at	2026-04-21T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20905
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-2920

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2920
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2920

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2447490
reference_id	2447490
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2447490

reference_url

https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/37d7991168a223d0810fd1f4493ec6a8b6a510d3

reference_id

37d7991168a223d0810fd1f4493ec6a8b6a510d3

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-16T20:23:45Z/

url

https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/37d7991168a223d0810fd1f4493ec6a8b6a510d3

reference_url	https://access.redhat.com/errata/RHSA-2026:6259
reference_id	RHSA-2026:6259
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6259

reference_url	https://access.redhat.com/errata/RHSA-2026:6300
reference_id	RHSA-2026:6300
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6300

reference_url	https://access.redhat.com/errata/RHSA-2026:6750
reference_id	RHSA-2026:6750
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6750

reference_url	https://access.redhat.com/errata/RHSA-2026:8854
reference_id	RHSA-2026:8854
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8854

reference_url	https://access.redhat.com/errata/RHSA-2026:8862
reference_id	RHSA-2026:8862
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8862

reference_url

https://www.zerodayinitiative.com/advisories/ZDI-26-164/

reference_id

ZDI-26-164

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-16T20:23:45Z/

url

https://www.zerodayinitiative.com/advisories/ZDI-26-164/

Weaknesses

cwe_id	120
name	Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
description	The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

cwe_id	122
name	Heap-based Buffer Overflow
description	A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

Exploits

Severity_range_score 7.8 - 7.8

Exploitability 0.5

Weighted_severity 7.0

Risk_score 3.5

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qprd-2m5u-bbe7

Vulnerability Instance