{"url":"http://public2.vulnerablecode.io/api/packages/995068?format=json","purl":"pkg:deb/debian/gst-plugins-good1.0@1.26.2-1","type":"deb","namespace":"debian","name":"gst-plugins-good1.0","version":"1.26.2-1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.28.2-3","latest_non_vulnerable_version":"1.28.2-3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64432?format=json","vulnerability_id":"VCID-1g9u-gemh-83bw","summary":"gstreamer: incomplete fix of CVE-2026-1940","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1940.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1940.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-1940","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04056","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04037","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04071","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04076","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04096","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04079","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04068","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04042","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04031","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04043","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04165","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.0493","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04968","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04972","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-1940"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1940","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1940"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436932","reference_id":"2436932","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T13:43:35Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436932"},{"reference_url":"https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/4854","reference_id":"4854","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T13:43:35Z/"}],"url":"https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/4854"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2026-1940","reference_id":"CVE-2026-1940","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T13:43:35Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2026-1940"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2026-1940","reference_id":"CVE-2026-1940","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T13:43:35Z/"}],"url":"https://security-tracker.debian.org/tracker/CVE-2026-1940"},{"reference_url":"https://gstreamer.freedesktop.org/security/sa-2026-0001.html","reference_id":"sa-2026-0001.html","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T13:43:35Z/"}],"url":"https://gstreamer.freedesktop.org/security/sa-2026-0001.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/995069?format=json","purl":"pkg:deb/debian/gst-plugins-good1.0@1.28.1-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.28.1-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1067264?format=json","purl":"pkg:deb/debian/gst-plugins-good1.0@1.28.2-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.28.2-2"},{"url":"http://public2.vulnerablecode.io/api/packages/1077794?format=json","purl":"pkg:deb/debian/gst-plugins-good1.0@1.28.2-3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.28.2-3"}],"aliases":["CVE-2026-1940"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1g9u-gemh-83bw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64265?format=json","vulnerability_id":"VCID-4ka2-hbcv-8uh2","summary":"GStreamer: GStreamer: Remote Code Execution via Heap-based Buffer Overflow in rtpqdm2depay","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3085.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3085.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3085","reference_id":"","reference_type":"","scores":[{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50739","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50774","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50765","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50721","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50777","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50817","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50793","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50778","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53222","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53196","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53209","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53171","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53234","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.5324","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3085"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3085","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3085"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447495","reference_id":"2447495","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447495"},{"reference_url":"https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/d60a94dee3c0a0942c9981491bf83e0de1900fbf","reference_id":"d60a94dee3c0a0942c9981491bf83e0de1900fbf","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-16T20:25:47Z/"}],"url":"https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/d60a94dee3c0a0942c9981491bf83e0de1900fbf"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6259","reference_id":"RHSA-2026:6259","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6259"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6300","reference_id":"RHSA-2026:6300","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6300"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6750","reference_id":"RHSA-2026:6750","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6750"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7673","reference_id":"RHSA-2026:7673","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7673"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7850","reference_id":"RHSA-2026:7850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8854","reference_id":"RHSA-2026:8854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8857","reference_id":"RHSA-2026:8857","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8857"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8862","reference_id":"RHSA-2026:8862","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8874","reference_id":"RHSA-2026:8874","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8876","reference_id":"RHSA-2026:8876","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8876"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9446","reference_id":"RHSA-2026:9446","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9446"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9447","reference_id":"RHSA-2026:9447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9487","reference_id":"RHSA-2026:9487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9488","reference_id":"RHSA-2026:9488","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9488"},{"reference_url":"https://usn.ubuntu.com/8131-1/","reference_id":"USN-8131-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8131-1/"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-26-167/","reference_id":"ZDI-26-167","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-16T20:25:47Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-26-167/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/995069?format=json","purl":"pkg:deb/debian/gst-plugins-good1.0@1.28.1-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.28.1-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1067264?format=json","purl":"pkg:deb/debian/gst-plugins-good1.0@1.28.2-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.28.2-2"},{"url":"http://public2.vulnerablecode.io/api/packages/1077794?format=json","purl":"pkg:deb/debian/gst-plugins-good1.0@1.28.2-3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.28.2-3"}],"aliases":["CVE-2026-3085"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4ka2-hbcv-8uh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64263?format=json","vulnerability_id":"VCID-upbh-pvqc-4ubn","summary":"GStreamer: GStreamer: Remote Code Execution via Out-Of-Bounds Write in rtpqdm2depay","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3083.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3083.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3083","reference_id":"","reference_type":"","scores":[{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.65814","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.65862","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.65844","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.65809","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.65873","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.65892","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.6588","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.6585","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00542","scoring_system":"epss","scoring_elements":"0.67746","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00542","scoring_system":"epss","scoring_elements":"0.67732","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00542","scoring_system":"epss","scoring_elements":"0.67713","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00542","scoring_system":"epss","scoring_elements":"0.67743","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00542","scoring_system":"epss","scoring_elements":"0.67719","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3083"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3083","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3083"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447498","reference_id":"2447498","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447498"},{"reference_url":"https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/d60a94dee3c0a0942c9981491bf83e0de1900fbf","reference_id":"d60a94dee3c0a0942c9981491bf83e0de1900fbf","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-16T15:25:51Z/"}],"url":"https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/d60a94dee3c0a0942c9981491bf83e0de1900fbf"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6259","reference_id":"RHSA-2026:6259","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6259"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6300","reference_id":"RHSA-2026:6300","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6300"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6750","reference_id":"RHSA-2026:6750","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6750"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7673","reference_id":"RHSA-2026:7673","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7673"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7850","reference_id":"RHSA-2026:7850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8854","reference_id":"RHSA-2026:8854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8857","reference_id":"RHSA-2026:8857","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8857"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8862","reference_id":"RHSA-2026:8862","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8874","reference_id":"RHSA-2026:8874","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8876","reference_id":"RHSA-2026:8876","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8876"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9446","reference_id":"RHSA-2026:9446","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9446"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9447","reference_id":"RHSA-2026:9447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9487","reference_id":"RHSA-2026:9487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9488","reference_id":"RHSA-2026:9488","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9488"},{"reference_url":"https://usn.ubuntu.com/8131-1/","reference_id":"USN-8131-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8131-1/"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-26-166/","reference_id":"ZDI-26-166","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-16T15:25:51Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-26-166/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/995069?format=json","purl":"pkg:deb/debian/gst-plugins-good1.0@1.28.1-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.28.1-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1067264?format=json","purl":"pkg:deb/debian/gst-plugins-good1.0@1.28.2-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.28.2-2"},{"url":"http://public2.vulnerablecode.io/api/packages/1077794?format=json","purl":"pkg:deb/debian/gst-plugins-good1.0@1.28.2-3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.28.2-3"}],"aliases":["CVE-2026-3083"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-upbh-pvqc-4ubn"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68427?format=json","vulnerability_id":"VCID-6rvw-7p62-rbdf","summary":"gstreamer1-plugins-good: GStreamer MP4 Parser Heap Overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47183.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47183.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-47183","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04027","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04085","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0406","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04066","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04068","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04223","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04199","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04169","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04178","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04306","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04046","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05852","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05898","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05888","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-47183"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47183","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47183"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2387141","reference_id":"2387141","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2387141"},{"reference_url":"https://github.com/atredispartners/advisories/blob/master/2025/ATREDIS-2025-0003.md","reference_id":"ATREDIS-2025-0003.md","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-11T19:44:07Z/"}],"url":"https://github.com/atredispartners/advisories/blob/master/2025/ATREDIS-2025-0003.md"},{"reference_url":"https://gstreamer.freedesktop.org/security/","reference_id":"security","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-11T19:44:07Z/"}],"url":"https://gstreamer.freedesktop.org/security/"},{"reference_url":"https://usn.ubuntu.com/7717-1/","reference_id":"USN-7717-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7717-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/995067?format=json","purl":"pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%2Bdeb12u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1g9u-gemh-83bw"},{"vulnerability":"VCID-4ka2-hbcv-8uh2"},{"vulnerability":"VCID-6rvw-7p62-rbdf"},{"vulnerability":"VCID-upbh-pvqc-4ubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.22.0-5%252Bdeb12u3"},{"url":"http://public2.vulnerablecode.io/api/packages/995068?format=json","purl":"pkg:deb/debian/gst-plugins-good1.0@1.26.2-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1g9u-gemh-83bw"},{"vulnerability":"VCID-4ka2-hbcv-8uh2"},{"vulnerability":"VCID-upbh-pvqc-4ubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.26.2-1"}],"aliases":["CVE-2025-47183"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6rvw-7p62-rbdf"}],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gst-plugins-good1.0@1.26.2-1"}