Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/995067?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "type": "deb", "namespace": "debian", "name": "gst-plugins-good1.0", "version": "1.22.0-5+deb12u3", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.28.2-4", "latest_non_vulnerable_version": "1.28.2-4", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64432?format=api", "vulnerability_id": "VCID-1g9u-gemh-83bw", "summary": "gstreamer: incomplete fix of CVE-2026-1940", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1940.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1940.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-1940", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04071", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04037", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04056", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04076", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04096", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04079", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04068", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04042", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04031", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04043", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04165", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04968", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.0493", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04972", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12592", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12458", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-1940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1940" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436932", "reference_id": "2436932", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T13:43:35Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436932" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/4854", "reference_id": "4854", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T13:43:35Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/4854" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2026-1940", "reference_id": "CVE-2026-1940", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T13:43:35Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2026-1940" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2026-1940", "reference_id": "CVE-2026-1940", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T13:43:35Z/" } ], "url": "https://security-tracker.debian.org/tracker/CVE-2026-1940" }, { "reference_url": "https://gstreamer.freedesktop.org/security/sa-2026-0001.html", "reference_id": "sa-2026-0001.html", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T13:43:35Z/" } ], "url": "https://gstreamer.freedesktop.org/security/sa-2026-0001.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995069?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.28.1-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.28.1-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067264?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.28.2-2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.28.2-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1077794?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.28.2-3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.28.2-3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1089413?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.28.2-4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.28.2-4" } ], "aliases": [ "CVE-2026-1940" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1g9u-gemh-83bw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64265?format=api", "vulnerability_id": "VCID-4ka2-hbcv-8uh2", "summary": "GStreamer: GStreamer: Remote Code Execution via Heap-based Buffer Overflow in rtpqdm2depay", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3085.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3085.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3085", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50739", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50817", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50765", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50721", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50777", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50774", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50793", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50778", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53196", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53171", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.5318", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53234", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.5324", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53222", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53209", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53129", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3085" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3085", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3085" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447495", "reference_id": "2447495", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447495" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/d60a94dee3c0a0942c9981491bf83e0de1900fbf", "reference_id": "d60a94dee3c0a0942c9981491bf83e0de1900fbf", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-16T20:25:47Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/d60a94dee3c0a0942c9981491bf83e0de1900fbf" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6259", "reference_id": "RHSA-2026:6259", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6259" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6300", "reference_id": "RHSA-2026:6300", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6300" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6750", "reference_id": "RHSA-2026:6750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6750" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7673", "reference_id": "RHSA-2026:7673", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7673" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7850", "reference_id": "RHSA-2026:7850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8854", "reference_id": "RHSA-2026:8854", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8854" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8857", "reference_id": "RHSA-2026:8857", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8857" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8862", "reference_id": "RHSA-2026:8862", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8874", "reference_id": "RHSA-2026:8874", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8874" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8876", "reference_id": "RHSA-2026:8876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9446", "reference_id": "RHSA-2026:9446", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9446" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9447", "reference_id": "RHSA-2026:9447", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9447" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9487", "reference_id": "RHSA-2026:9487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9488", "reference_id": "RHSA-2026:9488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9488" }, { "reference_url": "https://usn.ubuntu.com/8131-1/", "reference_id": "USN-8131-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8131-1/" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-26-167/", "reference_id": "ZDI-26-167", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-16T20:25:47Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-26-167/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995069?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.28.1-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.28.1-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067264?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.28.2-2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.28.2-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1077794?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.28.2-3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.28.2-3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1089413?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.28.2-4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.28.2-4" } ], "aliases": [ "CVE-2026-3085" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4ka2-hbcv-8uh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68427?format=api", "vulnerability_id": "VCID-6rvw-7p62-rbdf", "summary": "gstreamer1-plugins-good: GStreamer MP4 Parser Heap Overflow", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47183.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47183.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-47183", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04027", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04068", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04046", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.0406", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04066", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04085", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04223", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04199", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04169", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04178", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04306", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05852", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05888", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05898", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06631", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06503", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-47183" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47183", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47183" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387141", "reference_id": "2387141", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387141" }, { "reference_url": "https://github.com/atredispartners/advisories/blob/master/2025/ATREDIS-2025-0003.md", "reference_id": "ATREDIS-2025-0003.md", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-11T19:44:07Z/" } ], "url": "https://github.com/atredispartners/advisories/blob/master/2025/ATREDIS-2025-0003.md" }, { "reference_url": "https://gstreamer.freedesktop.org/security/", "reference_id": "security", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-11T19:44:07Z/" } ], "url": "https://gstreamer.freedesktop.org/security/" }, { "reference_url": "https://usn.ubuntu.com/7717-1/", "reference_id": "USN-7717-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7717-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995068?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.26.2-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.26.2-1" } ], "aliases": [ "CVE-2025-47183" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6rvw-7p62-rbdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/352867?format=api", "vulnerability_id": "VCID-7q23-vqfb-mfh8", "summary": "", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5056", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5056" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1089413?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.28.2-4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.28.2-4" } ], "aliases": [ "CVE-2026-5056" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7q23-vqfb-mfh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64263?format=api", "vulnerability_id": "VCID-upbh-pvqc-4ubn", "summary": "GStreamer: GStreamer: Remote Code Execution via Out-Of-Bounds Write in rtpqdm2depay", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3083.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3083.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3083", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.65814", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.65873", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.65844", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.65809", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.65862", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.65892", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.6588", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.6585", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00542", "scoring_system": "epss", "scoring_elements": "0.67743", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00542", "scoring_system": "epss", "scoring_elements": "0.67723", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00542", "scoring_system": "epss", "scoring_elements": "0.67765", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00542", "scoring_system": "epss", "scoring_elements": "0.67719", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00542", "scoring_system": "epss", "scoring_elements": "0.67732", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00542", "scoring_system": "epss", "scoring_elements": "0.67713", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00542", "scoring_system": "epss", "scoring_elements": "0.67746", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3083" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3083", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3083" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447498", "reference_id": "2447498", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447498" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/d60a94dee3c0a0942c9981491bf83e0de1900fbf", "reference_id": "d60a94dee3c0a0942c9981491bf83e0de1900fbf", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-16T15:25:51Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/d60a94dee3c0a0942c9981491bf83e0de1900fbf" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6259", "reference_id": "RHSA-2026:6259", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6259" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6300", "reference_id": "RHSA-2026:6300", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6300" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6750", "reference_id": "RHSA-2026:6750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6750" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7673", "reference_id": "RHSA-2026:7673", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7673" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7850", "reference_id": "RHSA-2026:7850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8854", "reference_id": "RHSA-2026:8854", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8854" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8857", "reference_id": "RHSA-2026:8857", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8857" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8862", "reference_id": "RHSA-2026:8862", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8874", "reference_id": "RHSA-2026:8874", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8874" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8876", "reference_id": "RHSA-2026:8876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9446", "reference_id": "RHSA-2026:9446", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9446" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9447", "reference_id": "RHSA-2026:9447", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9447" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9487", "reference_id": "RHSA-2026:9487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9488", "reference_id": "RHSA-2026:9488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9488" }, { "reference_url": "https://usn.ubuntu.com/8131-1/", "reference_id": "USN-8131-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8131-1/" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-26-166/", "reference_id": "ZDI-26-166", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-16T15:25:51Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-26-166/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995069?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.28.1-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.28.1-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067264?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.28.2-2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.28.2-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1077794?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.28.2-3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.28.2-3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1089413?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.28.2-4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.28.2-4" } ], "aliases": [ "CVE-2026-3083" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-upbh-pvqc-4ubn" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36387?format=api", "vulnerability_id": "VCID-2nz4-ctek-zbfy", "summary": "Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47603.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47603.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47603", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.30149", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.30196", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41544", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41566", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41533", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41519", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41564", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41538", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41463", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41357", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41352", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41274", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41486", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41536", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00312", "scoring_system": "epss", "scoring_elements": "0.5433", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00312", "scoring_system": "epss", "scoring_elements": "0.54287", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47603" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331762", "reference_id": "2331762", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331762" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057.patch", "reference_id": "8057.patch", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T20:38:14Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057.patch" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-251_Gstreamer/", "reference_id": "GHSL-2024-251_Gstreamer", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T20:38:14Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2024-251_Gstreamer/" }, { "reference_url": "https://security.gentoo.org/glsa/202506-02", "reference_id": "GLSA-202506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7242", "reference_id": "RHSA-2025:7242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7242" }, { "reference_url": "https://gstreamer.freedesktop.org/security/sa-2024-0021.html", "reference_id": "sa-2024-0021.html", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T20:38:14Z/" } ], "url": "https://gstreamer.freedesktop.org/security/sa-2024-0021.html" }, { "reference_url": "https://usn.ubuntu.com/7176-1/", "reference_id": "USN-7176-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7176-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-6rvw-7p62-rbdf" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" } ], "aliases": [ "CVE-2024-47603" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2nz4-ctek-zbfy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36368?format=api", "vulnerability_id": "VCID-358j-grsx-27fn", "summary": "Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47539.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47539.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47539", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.3101", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.31058", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42632", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42655", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42619", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42591", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.4265", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42636", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.4257", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42508", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42509", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42425", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42569", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42621", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.63368", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.63323", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47539" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331726", "reference_id": "2331726", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331726" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch", "reference_id": "8059.patch", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:41:01Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-195_Gstreamer/", "reference_id": "GHSL-2024-195_Gstreamer", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:41:01Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2024-195_Gstreamer/" }, { "reference_url": "https://security.gentoo.org/glsa/202506-02", "reference_id": "GLSA-202506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11119", "reference_id": "RHSA-2024:11119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11121", "reference_id": "RHSA-2024:11121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11122", "reference_id": "RHSA-2024:11122", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11122" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11148", "reference_id": "RHSA-2024:11148", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11148" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11149", "reference_id": "RHSA-2024:11149", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11149" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11298", "reference_id": "RHSA-2024:11298", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11298" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11299", "reference_id": "RHSA-2024:11299", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11299" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11346", "reference_id": "RHSA-2024:11346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11348", "reference_id": "RHSA-2024:11348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11348" }, { "reference_url": "https://gstreamer.freedesktop.org/security/sa-2024-0007.html", "reference_id": "sa-2024-0007.html", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:41:01Z/" } ], "url": "https://gstreamer.freedesktop.org/security/sa-2024-0007.html" }, { "reference_url": "https://usn.ubuntu.com/7176-1/", "reference_id": "USN-7176-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7176-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-6rvw-7p62-rbdf" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" } ], "aliases": [ "CVE-2024-47539" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-358j-grsx-27fn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36399?format=api", "vulnerability_id": "VCID-3qta-hpkg-hqad", "summary": "Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47834.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47834.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47834", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21348", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21403", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30766", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30769", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30726", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.3068", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30704", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30686", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30653", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30476", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30362", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30281", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30675", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30734", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.4884", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48903", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47834" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331749", "reference_id": "2331749", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331749" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057.patch", "reference_id": "8057.patch", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:15:13Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057.patch" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-280_Gstreamer/", "reference_id": "GHSL-2024-280_Gstreamer", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:15:13Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2024-280_Gstreamer/" }, { "reference_url": "https://security.gentoo.org/glsa/202506-02", "reference_id": "GLSA-202506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7242", "reference_id": "RHSA-2025:7242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7242" }, { "reference_url": "https://gstreamer.freedesktop.org/security/sa-2024-0030.html", "reference_id": "sa-2024-0030.html", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:15:13Z/" } ], "url": "https://gstreamer.freedesktop.org/security/sa-2024-0030.html" }, { "reference_url": "https://usn.ubuntu.com/7176-1/", "reference_id": "USN-7176-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7176-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-6rvw-7p62-rbdf" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" } ], "aliases": [ "CVE-2024-47834" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3qta-hpkg-hqad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36372?format=api", "vulnerability_id": "VCID-528p-7av9-1kgv", "summary": "Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47543.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47543.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47543", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24637", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24674", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32793", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32829", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32852", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.3281", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32528", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32445", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32643", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32835", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34776", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34704", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34748", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.3478", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43382", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43458", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47543" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331723", "reference_id": "2331723", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331723" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch", "reference_id": "8059.patch", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T14:29:43Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-236_Gstreamer/", "reference_id": "GHSL-2024-236_Gstreamer", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T14:29:43Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2024-236_Gstreamer/" }, { "reference_url": "https://security.gentoo.org/glsa/202506-02", "reference_id": "GLSA-202506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7242", "reference_id": "RHSA-2025:7242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7242" }, { "reference_url": "https://gstreamer.freedesktop.org/security/sa-2024-0009.html", "reference_id": "sa-2024-0009.html", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T14:29:43Z/" } ], "url": "https://gstreamer.freedesktop.org/security/sa-2024-0009.html" }, { "reference_url": "https://usn.ubuntu.com/7176-1/", "reference_id": "USN-7176-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7176-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-6rvw-7p62-rbdf" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" } ], "aliases": [ "CVE-2024-47543" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-528p-7av9-1kgv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36376?format=api", "vulnerability_id": "VCID-5ry6-b22q-37gy", "summary": "Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47596.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47596.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47596", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23224", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23268", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32873", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32874", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32835", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.3281", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32852", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32829", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32793", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32643", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32528", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32445", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32796", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32844", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43458", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43382", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47596" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47596", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47596" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331747", "reference_id": "2331747", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331747" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch", "reference_id": "8059.patch", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-13T17:41:58Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-244_Gstreamer/", "reference_id": "GHSL-2024-244_Gstreamer", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-13T17:41:58Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2024-244_Gstreamer/" }, { "reference_url": "https://security.gentoo.org/glsa/202506-02", "reference_id": "GLSA-202506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7242", "reference_id": "RHSA-2025:7242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7242" }, { "reference_url": "https://gstreamer.freedesktop.org/security/sa-2024-0015.html", "reference_id": "sa-2024-0015.html", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-13T17:41:58Z/" } ], "url": "https://gstreamer.freedesktop.org/security/sa-2024-0015.html" }, { "reference_url": "https://usn.ubuntu.com/7176-1/", "reference_id": "USN-7176-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7176-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-6rvw-7p62-rbdf" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" } ], "aliases": [ "CVE-2024-47596" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5ry6-b22q-37gy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36366?format=api", "vulnerability_id": "VCID-6hjf-zva4-ekcv", "summary": "Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47537.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47537.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47537", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.3101", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.31058", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42632", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42655", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42619", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42591", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.4265", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42636", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.4257", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42508", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42509", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42425", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42569", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42621", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.63323", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.63368", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47537" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331722", "reference_id": "2331722", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331722" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch", "reference_id": "8059.patch", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T19:15:39Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-094_Gstreamer/", "reference_id": "GHSL-2024-094_Gstreamer", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T19:15:39Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2024-094_Gstreamer/" }, { "reference_url": "https://security.gentoo.org/glsa/202506-02", "reference_id": "GLSA-202506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11119", "reference_id": "RHSA-2024:11119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11121", "reference_id": "RHSA-2024:11121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11122", "reference_id": "RHSA-2024:11122", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11122" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11148", "reference_id": "RHSA-2024:11148", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11148" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11149", "reference_id": "RHSA-2024:11149", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11149" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11298", "reference_id": "RHSA-2024:11298", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11298" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11299", "reference_id": "RHSA-2024:11299", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11299" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11344", "reference_id": "RHSA-2024:11344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11346", "reference_id": "RHSA-2024:11346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11348", "reference_id": "RHSA-2024:11348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11348" }, { "reference_url": "https://gstreamer.freedesktop.org/security/sa-2024-0005.html", "reference_id": "sa-2024-0005.html", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T19:15:39Z/" } ], "url": "https://gstreamer.freedesktop.org/security/sa-2024-0005.html" }, { "reference_url": "https://usn.ubuntu.com/7176-1/", "reference_id": "USN-7176-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7176-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-6rvw-7p62-rbdf" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" } ], "aliases": [ "CVE-2024-47537" ], "risk_score": 3.8, "exploitability": "0.5", "weighted_severity": "7.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6hjf-zva4-ekcv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68427?format=api", "vulnerability_id": "VCID-6rvw-7p62-rbdf", "summary": "gstreamer1-plugins-good: GStreamer MP4 Parser Heap Overflow", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47183.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47183.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-47183", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04027", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04068", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04046", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.0406", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04066", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04085", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04223", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04199", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04169", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04178", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04306", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05852", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05888", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05898", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06631", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06503", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-47183" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47183", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47183" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387141", "reference_id": "2387141", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387141" }, { "reference_url": "https://github.com/atredispartners/advisories/blob/master/2025/ATREDIS-2025-0003.md", "reference_id": "ATREDIS-2025-0003.md", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-11T19:44:07Z/" } ], "url": "https://github.com/atredispartners/advisories/blob/master/2025/ATREDIS-2025-0003.md" }, { "reference_url": "https://gstreamer.freedesktop.org/security/", "reference_id": "security", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-11T19:44:07Z/" } ], "url": "https://gstreamer.freedesktop.org/security/" }, { "reference_url": "https://usn.ubuntu.com/7717-1/", "reference_id": "USN-7717-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7717-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-6rvw-7p62-rbdf" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/995068?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.26.2-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.26.2-1" } ], "aliases": [ "CVE-2025-47183" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6rvw-7p62-rbdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36378?format=api", "vulnerability_id": "VCID-92kd-us53-qubg", "summary": "Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47598.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47598.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47598", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19956", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20013", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29199", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29239", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29245", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29147", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29174", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29151", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29102", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28981", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.2887", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28798", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29135", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46354", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.4642", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47598" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331761", "reference_id": "2331761", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331761" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch", "reference_id": "8059.patch", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:40:02Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-246_Gstreamer/", "reference_id": "GHSL-2024-246_Gstreamer", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:40:02Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2024-246_Gstreamer/" }, { "reference_url": "https://security.gentoo.org/glsa/202506-02", "reference_id": "GLSA-202506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7242", "reference_id": "RHSA-2025:7242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7242" }, { "reference_url": "https://gstreamer.freedesktop.org/security/sa-2024-0006.html", "reference_id": "sa-2024-0006.html", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:40:02Z/" } ], "url": "https://gstreamer.freedesktop.org/security/sa-2024-0006.html" }, { "reference_url": "https://usn.ubuntu.com/7176-1/", "reference_id": "USN-7176-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7176-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-6rvw-7p62-rbdf" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" } ], "aliases": [ "CVE-2024-47598" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-92kd-us53-qubg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36394?format=api", "vulnerability_id": "VCID-a741-fvg4-h3at", "summary": "Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47775.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47775.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47775", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20224", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20283", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29518", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29522", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29477", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29425", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29445", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29418", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29372", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29255", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29143", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29076", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29415", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29478", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.46907", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.4697", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47775" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331744", "reference_id": "2331744", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331744" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch", "reference_id": "8042.patch", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:06:26Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-261_Gstreamer/", "reference_id": "GHSL-2024-261_Gstreamer", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:06:26Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2024-261_Gstreamer/" }, { "reference_url": "https://security.gentoo.org/glsa/202506-02", "reference_id": "GLSA-202506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7242", "reference_id": "RHSA-2025:7242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7242" }, { "reference_url": "https://gstreamer.freedesktop.org/security/sa-2024-0027.html", "reference_id": "sa-2024-0027.html", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:06:26Z/" } ], "url": "https://gstreamer.freedesktop.org/security/sa-2024-0027.html" }, { "reference_url": "https://usn.ubuntu.com/7176-1/", "reference_id": "USN-7176-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7176-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-6rvw-7p62-rbdf" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" } ], "aliases": [ "CVE-2024-47775" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a741-fvg4-h3at" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68428?format=api", "vulnerability_id": "VCID-bpqa-ngtx-pbes", "summary": "gstreamer1-plugins-good: GStreamer MP4 Parser Heap Overflow", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47219.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47219.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-47219", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26095", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26031", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26135", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25901", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25969", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.2602", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27982", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27924", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27874", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27917", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27935", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33336", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33254", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33356", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35502", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35572", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-47219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47219" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387142", "reference_id": "2387142", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387142" }, { "reference_url": "https://github.com/atredispartners/advisories/blob/master/2025/ATREDIS-2025-0003.md", "reference_id": "ATREDIS-2025-0003.md", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-08T15:54:29Z/" } ], "url": "https://github.com/atredispartners/advisories/blob/master/2025/ATREDIS-2025-0003.md" }, { "reference_url": "https://gstreamer.freedesktop.org/security/", "reference_id": "security", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-08T15:54:29Z/" } ], "url": "https://gstreamer.freedesktop.org/security/" }, { "reference_url": "https://usn.ubuntu.com/7717-1/", "reference_id": "USN-7717-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7717-1/" }, { "reference_url": "https://usn.ubuntu.com/7837-1/", "reference_id": "USN-7837-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7837-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-6rvw-7p62-rbdf" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" } ], "aliases": [ "CVE-2025-47219" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bpqa-ngtx-pbes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36384?format=api", "vulnerability_id": "VCID-f1qr-vrev-tbdc", "summary": "Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47601.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47601.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47601", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28716", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28764", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39668", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39677", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39642", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39625", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39676", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39647", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39563", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39383", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39368", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39286", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39599", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39654", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.52093", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.52143", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47601" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331752", "reference_id": "2331752", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331752" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057.patch", "reference_id": "8057.patch", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T14:25:58Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057.patch" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-249_Gstreamer/", "reference_id": "GHSL-2024-249_Gstreamer", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T14:25:58Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2024-249_Gstreamer/" }, { "reference_url": "https://security.gentoo.org/glsa/202506-02", "reference_id": "GLSA-202506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7242", "reference_id": "RHSA-2025:7242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7242" }, { "reference_url": "https://gstreamer.freedesktop.org/security/sa-2024-0020.html", "reference_id": "sa-2024-0020.html", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T14:25:58Z/" } ], "url": "https://gstreamer.freedesktop.org/security/sa-2024-0020.html" }, { "reference_url": "https://usn.ubuntu.com/7176-1/", "reference_id": "USN-7176-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7176-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-6rvw-7p62-rbdf" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" } ], "aliases": [ "CVE-2024-47601" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f1qr-vrev-tbdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36396?format=api", "vulnerability_id": "VCID-fp9x-81jx-fbhz", "summary": "Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47776.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47776.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47776", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20224", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20283", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29518", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29522", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29477", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29425", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29445", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29418", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29372", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29255", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29143", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29076", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29415", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29478", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.46907", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.4697", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47776" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331750", "reference_id": "2331750", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331750" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch", "reference_id": "8042.patch", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:06:46Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-260_Gstreamer/", "reference_id": "GHSL-2024-260_Gstreamer", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:06:46Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2024-260_Gstreamer/" }, { "reference_url": "https://security.gentoo.org/glsa/202506-02", "reference_id": "GLSA-202506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7242", "reference_id": "RHSA-2025:7242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7242" }, { "reference_url": "https://gstreamer.freedesktop.org/security/sa-2024-0027.html", "reference_id": "sa-2024-0027.html", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:06:46Z/" } ], "url": "https://gstreamer.freedesktop.org/security/sa-2024-0027.html" }, { "reference_url": "https://usn.ubuntu.com/7176-1/", "reference_id": "USN-7176-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7176-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-6rvw-7p62-rbdf" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" } ], "aliases": [ "CVE-2024-47776" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fp9x-81jx-fbhz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36390?format=api", "vulnerability_id": "VCID-h2zj-j6va-v7hs", "summary": "Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47613.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47613.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47613", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23318", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23339", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23301", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23245", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.2326", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23254", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23235", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23042", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23035", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23032", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23366", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23407", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23195", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23268", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28206", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28262", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47613" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47613", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47613" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331753", "reference_id": "2331753", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331753" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8041.patch", "reference_id": "8041.patch", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T14:17:34Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8041.patch" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-115_GHSL-2024-118_Gstreamer/", "reference_id": "GHSL-2024-115_GHSL-2024-118_Gstreamer", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T14:17:34Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2024-115_GHSL-2024-118_Gstreamer/" }, { "reference_url": "https://security.gentoo.org/glsa/202506-02", "reference_id": "GLSA-202506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11119", "reference_id": "RHSA-2024:11119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11121", "reference_id": "RHSA-2024:11121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11122", "reference_id": "RHSA-2024:11122", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11122" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11148", "reference_id": "RHSA-2024:11148", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11148" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11149", "reference_id": "RHSA-2024:11149", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11149" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11298", "reference_id": "RHSA-2024:11298", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11298" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11299", "reference_id": "RHSA-2024:11299", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11299" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11344", "reference_id": "RHSA-2024:11344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11346", "reference_id": "RHSA-2024:11346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11348", "reference_id": "RHSA-2024:11348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11348" }, { "reference_url": "https://gstreamer.freedesktop.org/security/sa-2024-0025.html", "reference_id": "sa-2024-0025.html", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T14:17:34Z/" } ], "url": "https://gstreamer.freedesktop.org/security/sa-2024-0025.html" }, { "reference_url": "https://usn.ubuntu.com/7176-1/", "reference_id": "USN-7176-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7176-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-6rvw-7p62-rbdf" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" } ], "aliases": [ "CVE-2024-47613" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h2zj-j6va-v7hs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36393?format=api", "vulnerability_id": "VCID-hatr-ngra-qqb6", "summary": "Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47774.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47774.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47774", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17737", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17784", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26574", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26623", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26628", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26583", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26526", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26533", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26467", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26406", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.264", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26344", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26506", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.42957", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.4288", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47774" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/github/securitylab-vulnerabilities/issues/1826", "reference_id": "1826", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T14:15:00Z/" } ], "url": "https://github.com/github/securitylab-vulnerabilities/issues/1826" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331739", "reference_id": "2331739", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331739" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8043.patch", "reference_id": "8043.patch", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T14:15:00Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8043.patch" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-262_Gstreamer/", "reference_id": "GHSL-2024-262_Gstreamer", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T14:15:00Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2024-262_Gstreamer/" }, { "reference_url": "https://security.gentoo.org/glsa/202506-02", "reference_id": "GLSA-202506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7242", "reference_id": "RHSA-2025:7242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7242" }, { "reference_url": "https://usn.ubuntu.com/7176-1/", "reference_id": "USN-7176-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7176-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-6rvw-7p62-rbdf" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" } ], "aliases": [ "CVE-2024-47774" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hatr-ngra-qqb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36385?format=api", "vulnerability_id": "VCID-hmn3-mxh5-73fj", "summary": "Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47602.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47602.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47602", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23224", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23268", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32873", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32874", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32835", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.3281", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32852", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32829", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32793", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32643", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32528", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32445", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32796", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32844", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43458", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43382", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47602" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331759", "reference_id": "2331759", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331759" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057.patch", "reference_id": "8057.patch", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T14:24:18Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057.patch" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-250_Gstreamer/", "reference_id": "GHSL-2024-250_Gstreamer", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T14:24:18Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2024-250_Gstreamer/" }, { "reference_url": "https://security.gentoo.org/glsa/202506-02", "reference_id": "GLSA-202506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7242", "reference_id": "RHSA-2025:7242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7242" }, { "reference_url": "https://gstreamer.freedesktop.org/security/sa-2024-0019.html", "reference_id": "sa-2024-0019.html", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T14:24:18Z/" } ], "url": "https://gstreamer.freedesktop.org/security/sa-2024-0019.html" }, { "reference_url": "https://usn.ubuntu.com/7176-1/", "reference_id": "USN-7176-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7176-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-6rvw-7p62-rbdf" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" } ], "aliases": [ "CVE-2024-47602" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hmn3-mxh5-73fj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36388?format=api", "vulnerability_id": "VCID-hxhp-4xdt-fqfp", "summary": "Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47606.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47606.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47606", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41556", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41584", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00335", "scoring_system": "epss", "scoring_elements": "0.56394", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00335", "scoring_system": "epss", "scoring_elements": "0.56399", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00335", "scoring_system": "epss", "scoring_elements": "0.56409", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00335", "scoring_system": "epss", "scoring_elements": "0.56385", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00335", "scoring_system": "epss", "scoring_elements": "0.56367", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00335", "scoring_system": "epss", "scoring_elements": "0.564", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00335", "scoring_system": "epss", "scoring_elements": "0.56369", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00335", "scoring_system": "epss", "scoring_elements": "0.56291", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00335", "scoring_system": "epss", "scoring_elements": "0.56311", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00335", "scoring_system": "epss", "scoring_elements": "0.5629", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00335", "scoring_system": "epss", "scoring_elements": "0.56343", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72651", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.7262", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47606" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47606", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47606" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331760", "reference_id": "2331760", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331760" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8032.patch", "reference_id": "8032.patch", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-12-11T20:43:34Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8032.patch" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-166_Gstreamer/", "reference_id": "GHSL-2024-166_Gstreamer", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-12-11T20:43:34Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2024-166_Gstreamer/" }, { "reference_url": "https://security.gentoo.org/glsa/202506-02", "reference_id": "GLSA-202506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11119", "reference_id": "RHSA-2024:11119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11121", "reference_id": "RHSA-2024:11121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11122", "reference_id": "RHSA-2024:11122", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11122" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11148", "reference_id": "RHSA-2024:11148", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11148" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11149", "reference_id": "RHSA-2024:11149", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11149" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11298", "reference_id": "RHSA-2024:11298", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11298" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11299", "reference_id": "RHSA-2024:11299", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11299" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11344", "reference_id": "RHSA-2024:11344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11346", "reference_id": "RHSA-2024:11346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11348", "reference_id": "RHSA-2024:11348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11348" }, { "reference_url": "https://gstreamer.freedesktop.org/security/sa-2024-0014.html", "reference_id": "sa-2024-0014.html", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-12-11T20:43:34Z/" } ], "url": "https://gstreamer.freedesktop.org/security/sa-2024-0014.html" }, { "reference_url": "https://usn.ubuntu.com/7174-1/", "reference_id": "USN-7174-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7174-1/" }, { "reference_url": "https://usn.ubuntu.com/7176-1/", "reference_id": "USN-7176-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7176-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-6rvw-7p62-rbdf" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" } ], "aliases": [ "CVE-2024-47606" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hxhp-4xdt-fqfp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36380?format=api", "vulnerability_id": "VCID-jzft-takg-afb4", "summary": "Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47599.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47599.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47599", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.21862", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22098", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22092", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22046", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.21905", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.21894", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.21882", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.21789", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22212", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.2226", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22043", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22124", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22178", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22198", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22158", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47599" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331748", "reference_id": "2331748", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331748" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8040.patch", "reference_id": "8040.patch", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:37:52Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8040.patch" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-247_Gstreamer/", "reference_id": "GHSL-2024-247_Gstreamer", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:37:52Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2024-247_Gstreamer/" }, { "reference_url": "https://security.gentoo.org/glsa/202506-02", "reference_id": "GLSA-202506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7242", "reference_id": "RHSA-2025:7242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7242" }, { "reference_url": "https://gstreamer.freedesktop.org/security/sa-2024-0016.html", "reference_id": "sa-2024-0016.html", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:37:52Z/" } ], "url": "https://gstreamer.freedesktop.org/security/sa-2024-0016.html" }, { "reference_url": "https://usn.ubuntu.com/7176-1/", "reference_id": "USN-7176-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7176-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-6rvw-7p62-rbdf" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" } ], "aliases": [ "CVE-2024-47599" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jzft-takg-afb4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36398?format=api", "vulnerability_id": "VCID-kfe8-dy9e-ryc5", "summary": "Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47778.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47778.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47778", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24622", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24659", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34751", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.3468", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34723", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34755", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34716", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34691", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34726", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34711", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50024", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50078", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50065", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.5007", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62199", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.6215", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47778" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47778" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331743", "reference_id": "2331743", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331743" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch", "reference_id": "8042.patch", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:12:16Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-258_Gstreamer/", "reference_id": "GHSL-2024-258_Gstreamer", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:12:16Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2024-258_Gstreamer/" }, { "reference_url": "https://security.gentoo.org/glsa/202506-02", "reference_id": "GLSA-202506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7242", "reference_id": "RHSA-2025:7242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7242" }, { "reference_url": "https://gstreamer.freedesktop.org/security/sa-2024-0027.html", "reference_id": "sa-2024-0027.html", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:12:16Z/" } ], "url": "https://gstreamer.freedesktop.org/security/sa-2024-0027.html" }, { "reference_url": "https://usn.ubuntu.com/7176-1/", "reference_id": "USN-7176-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7176-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-6rvw-7p62-rbdf" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" } ], "aliases": [ "CVE-2024-47778" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kfe8-dy9e-ryc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36374?format=api", "vulnerability_id": "VCID-n1x7-a5e5-ckec", "summary": "Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47545.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47545.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47545", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32652", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32688", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42755", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42533", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42705", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42722", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42767", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42615", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42692", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.45028", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44976", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.45029", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.45051", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00328", "scoring_system": "epss", "scoring_elements": "0.55589", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00328", "scoring_system": "epss", "scoring_elements": "0.55636", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47545" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331763", "reference_id": "2331763", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331763" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch", "reference_id": "8059.patch", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-13T17:44:03Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-242_Gstreamer/", "reference_id": "GHSL-2024-242_Gstreamer", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-13T17:44:03Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2024-242_Gstreamer/" }, { "reference_url": "https://security.gentoo.org/glsa/202506-02", "reference_id": "GLSA-202506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7242", "reference_id": "RHSA-2025:7242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7242" }, { "reference_url": "https://gstreamer.freedesktop.org/security/sa-2024-0010.html", "reference_id": "sa-2024-0010.html", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-13T17:44:03Z/" } ], "url": "https://gstreamer.freedesktop.org/security/sa-2024-0010.html" }, { "reference_url": "https://usn.ubuntu.com/7176-1/", "reference_id": "USN-7176-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7176-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-6rvw-7p62-rbdf" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" } ], "aliases": [ "CVE-2024-47545" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n1x7-a5e5-ckec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36369?format=api", "vulnerability_id": "VCID-p46s-buwz-h3by", "summary": "Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47540.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47540.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47540", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61752", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61782", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72322", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72345", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72328", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72315", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72357", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72366", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72354", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72397", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72406", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72403", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72272", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.7231", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01306", "scoring_system": "epss", "scoring_elements": "0.79863", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01306", "scoring_system": "epss", "scoring_elements": "0.79887", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47540" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331719", "reference_id": "2331719", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331719" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057.patch", "reference_id": "8057.patch", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T14:34:42Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057.patch" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-197_GStreamer/", "reference_id": "GHSL-2024-197_GStreamer", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T14:34:42Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2024-197_GStreamer/" }, { "reference_url": "https://security.gentoo.org/glsa/202506-02", "reference_id": "GLSA-202506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11119", "reference_id": "RHSA-2024:11119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11121", "reference_id": "RHSA-2024:11121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11122", "reference_id": "RHSA-2024:11122", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11122" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11148", "reference_id": "RHSA-2024:11148", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11148" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11149", "reference_id": "RHSA-2024:11149", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11149" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11298", "reference_id": "RHSA-2024:11298", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11298" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11299", "reference_id": "RHSA-2024:11299", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11299" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11344", "reference_id": "RHSA-2024:11344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11346", "reference_id": "RHSA-2024:11346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11348", "reference_id": "RHSA-2024:11348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11348" }, { "reference_url": "https://gstreamer.freedesktop.org/security/sa-2024-0017.html", "reference_id": "sa-2024-0017.html", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T14:34:42Z/" } ], "url": "https://gstreamer.freedesktop.org/security/sa-2024-0017.html" }, { "reference_url": "https://usn.ubuntu.com/7176-1/", "reference_id": "USN-7176-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7176-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-6rvw-7p62-rbdf" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" } ], "aliases": [ "CVE-2024-47540" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p46s-buwz-h3by" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36397?format=api", "vulnerability_id": "VCID-t93h-vv13-4bck", "summary": "Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47777.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47777.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47777", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21348", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21403", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30766", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30769", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30726", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.3068", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30704", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30686", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30653", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30476", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30362", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30281", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30675", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30734", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.4884", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48903", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47777" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331741", "reference_id": "2331741", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331741" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch", "reference_id": "8042.patch", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:07:19Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-259_Gstreamer/", "reference_id": "GHSL-2024-259_Gstreamer", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:07:19Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2024-259_Gstreamer/" }, { "reference_url": "https://security.gentoo.org/glsa/202506-02", "reference_id": "GLSA-202506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7242", "reference_id": "RHSA-2025:7242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7242" }, { "reference_url": "https://gstreamer.freedesktop.org/security/sa-2024-0027.html", "reference_id": "sa-2024-0027.html", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:07:19Z/" } ], "url": "https://gstreamer.freedesktop.org/security/sa-2024-0027.html" }, { "reference_url": "https://usn.ubuntu.com/7176-1/", "reference_id": "USN-7176-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7176-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-6rvw-7p62-rbdf" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" } ], "aliases": [ "CVE-2024-47777" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t93h-vv13-4bck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36375?format=api", "vulnerability_id": "VCID-uj8y-np9h-8qg6", "summary": "Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47546.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47546.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47546", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.30166", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.30213", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39563", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39647", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39676", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39625", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39368", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39286", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39383", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39642", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41569", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.4151", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.4156", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.4159", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.52093", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.52143", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47546" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331756", "reference_id": "2331756", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331756" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch", "reference_id": "8059.patch", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-13T17:42:31Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-243_Gstreamer/", "reference_id": "GHSL-2024-243_Gstreamer", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-13T17:42:31Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2024-243_Gstreamer/" }, { "reference_url": "https://security.gentoo.org/glsa/202506-02", "reference_id": "GLSA-202506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7242", "reference_id": "RHSA-2025:7242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7242" }, { "reference_url": "https://gstreamer.freedesktop.org/security/sa-2024-0013.html", "reference_id": "sa-2024-0013.html", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-13T17:42:31Z/" } ], "url": "https://gstreamer.freedesktop.org/security/sa-2024-0013.html" }, { "reference_url": "https://usn.ubuntu.com/7176-1/", "reference_id": "USN-7176-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7176-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-6rvw-7p62-rbdf" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" } ], "aliases": [ "CVE-2024-47546" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uj8y-np9h-8qg6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36377?format=api", "vulnerability_id": "VCID-v4u8-zktd-cfaq", "summary": "Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47597.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47597.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47597", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23502", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23539", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31578", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.3161", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31632", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31598", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31274", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31194", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.314", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31634", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33216", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.3314", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33183", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33219", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50225", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50278", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47597" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331755", "reference_id": "2331755", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331755" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch", "reference_id": "8059.patch", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:50:51Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-245_Gstreamer/", "reference_id": "GHSL-2024-245_Gstreamer", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:50:51Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2024-245_Gstreamer/" }, { "reference_url": "https://security.gentoo.org/glsa/202506-02", "reference_id": "GLSA-202506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7242", "reference_id": "RHSA-2025:7242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7242" }, { "reference_url": "https://gstreamer.freedesktop.org/security/sa-2024-0012.html", "reference_id": "sa-2024-0012.html", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T21:50:51Z/" } ], "url": "https://gstreamer.freedesktop.org/security/sa-2024-0012.html" }, { "reference_url": "https://usn.ubuntu.com/7176-1/", "reference_id": "USN-7176-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7176-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-6rvw-7p62-rbdf" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" } ], "aliases": [ "CVE-2024-47597" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v4u8-zktd-cfaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36373?format=api", "vulnerability_id": "VCID-wxcy-bnsr-qkdn", "summary": "Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47544.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47544.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47544", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28716", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28764", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39668", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39677", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39642", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39625", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39676", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39647", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39563", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39383", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39368", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39286", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39599", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39654", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.52093", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.52143", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47544" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47544", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47544" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331751", "reference_id": "2331751", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331751" }, { "reference_url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch", "reference_id": "8059.patch", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T16:37:30Z/" } ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-238_Gstreamer/", "reference_id": "GHSL-2024-238_Gstreamer", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T16:37:30Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2024-238_Gstreamer/" }, { "reference_url": "https://security.gentoo.org/glsa/202506-02", "reference_id": "GLSA-202506-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7242", "reference_id": "RHSA-2025:7242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7242" }, { "reference_url": "https://gstreamer.freedesktop.org/security/sa-2024-0011.html", "reference_id": "sa-2024-0011.html", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T16:37:30Z/" } ], "url": "https://gstreamer.freedesktop.org/security/sa-2024-0011.html" }, { "reference_url": "https://usn.ubuntu.com/7176-1/", "reference_id": "USN-7176-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7176-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995067?format=api", "purl": "pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1g9u-gemh-83bw" }, { "vulnerability": "VCID-4ka2-hbcv-8uh2" }, { "vulnerability": "VCID-6rvw-7p62-rbdf" }, { "vulnerability": "VCID-7q23-vqfb-mfh8" }, { "vulnerability": "VCID-upbh-pvqc-4ubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" } ], "aliases": [ "CVE-2024-47544" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wxcy-bnsr-qkdn" } ], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3" }