CVE-2020-6095
published 2020-03-27CVE-2020-6095: An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gst-rtsp-server1.0 | < gst-rtsp-server1.0 1.16.2-3 (bookworm) | gst-rtsp-server1.0 1.16.2-3 (bookworm) |
| gstreamer_project | gst-rtsp-server | — | — |
| opensuse | backports_sle | — | — |
| opensuse | leap | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH