Debian Gstreamer1.0 vulnerabilities

CVE-2025-2759 [HIGH] CVE-2025-2759: gstreamer1.0 - GStreamer Incorrect Permission Assignment Local Privilege Escalation Vulnerabili... GStreamer Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of GStreamer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the produc

CVE-2024-47606 [HIGH] CVE-2024-47606: gst-plugins-good1.0 - GStreamer is a library for constructing graphs of media-handling components. An ... GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux_parse_theora_extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended value when cast to an unsigned integer. This 32-bit negati

CVE-2017-5838 [HIGH] CVE-2017-5838: gstreamer1.0 - The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStre... The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a malformed datetime string. Scope: local bookworm: resolved (fixed in 1.10.3-1) bullseye: resolved (fixed in 1.10.3-1) forky: resolved (fixed in 1.10.3-1) sid: resolved (fixed in 1.1