CVE-2019-9928
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2019-9928
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-9928.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2019-9928
- Related
- Published
- 2019-04-24T15:29:02Z
- Modified
- 2024-12-05T15:25:43.694675Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution.
- References
-
- https://gstreamer.freedesktop.org/security/
- https://gstreamer.freedesktop.org/security/sa-2019-0001.html
- https://security.gentoo.org/glsa/202003-33
- https://www.debian.org/security/2019/dsa-4437
- https://lists.debian.org/debian-lts-announce/2019/04/msg00030.html
- https://lists.debian.org/debian-lts-announce/2019/04/msg00031.html
- https://seclists.org/bugtraq/2019/Apr/39
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00078.html
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00082.html
- http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00049.html
- https://usn.ubuntu.com/3958-1/
- https://security.alpinelinux.org/vuln/CVE-2019-9928
- https://security-tracker.debian.org/tracker/CVE-2019-9928
Affected packages
Alpine:v3.10 / gst-plugins-base
Package
- Name
- gst-plugins-base
- Purl
- pkg:apk/alpine/gst-plugins-base?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.16.0-r0
Affected versions
1.*
1.0.0-r0
1.0.1-r0
1.0.2-r0
1.0.3-r0
1.0.4-r0
1.0.5-r0
1.0.6-r0
1.0.7-r0
1.0.8-r0
1.0.9-r0
1.0.10-r0
1.2.0-r0
1.2.1-r0
1.2.2-r0
1.2.3-r0
1.2.4-r0
1.4.0-r0
1.4.1-r0
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.5.2-r0
1.6.1-r0
1.6.3-r0
1.8.0-r0
1.8.1-r0
1.8.1-r1
1.8.1-r2
1.10.4-r0
1.10.4-r1
1.12.0-r0
1.12.1-r0
1.12.1-r1
1.12.1-r2
1.12.3-r0
1.12.3-r1
1.14.0-r0
1.14.0-r1
1.14.1-r0
1.14.2-r0
1.14.4-r0
Alpine:v3.11 / gst-plugins-base
Package
- Name
- gst-plugins-base
- Purl
- pkg:apk/alpine/gst-plugins-base?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.16.0-r0
Affected versions
1.*
1.0.0-r0
1.0.1-r0
1.0.2-r0
1.0.3-r0
1.0.4-r0
1.0.5-r0
1.0.6-r0
1.0.7-r0
1.0.8-r0
1.0.9-r0
1.0.10-r0
1.2.0-r0
1.2.1-r0
1.2.2-r0
1.2.3-r0
1.2.4-r0
1.4.0-r0
1.4.1-r0
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.5.2-r0
1.6.1-r0
1.6.3-r0
1.8.0-r0
1.8.1-r0
1.8.1-r1
1.8.1-r2
1.10.4-r0
1.10.4-r1
1.12.0-r0
1.12.1-r0
1.12.1-r1
1.12.1-r2
1.12.3-r0
1.12.3-r1
1.14.0-r0
1.14.0-r1
1.14.1-r0
1.14.2-r0
1.14.4-r0
Alpine:v3.12 / gst-plugins-base
Package
- Name
- gst-plugins-base
- Purl
- pkg:apk/alpine/gst-plugins-base?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.16.0-r0
Affected versions
1.*
1.0.0-r0
1.0.1-r0
1.0.2-r0
1.0.3-r0
1.0.4-r0
1.0.5-r0
1.0.6-r0
1.0.7-r0
1.0.8-r0
1.0.9-r0
1.0.10-r0
1.2.0-r0
1.2.1-r0
1.2.2-r0
1.2.3-r0
1.2.4-r0
1.4.0-r0
1.4.1-r0
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.5.2-r0
1.6.1-r0
1.6.3-r0
1.8.0-r0
1.8.1-r0
1.8.1-r1
1.8.1-r2
1.10.4-r0
1.10.4-r1
1.12.0-r0
1.12.1-r0
1.12.1-r1
1.12.1-r2
1.12.3-r0
1.12.3-r1
1.14.0-r0
1.14.0-r1
1.14.1-r0
1.14.2-r0
1.14.4-r0
Alpine:v3.13 / gst-plugins-base
Package
- Name
- gst-plugins-base
- Purl
- pkg:apk/alpine/gst-plugins-base?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.16.0-r0
Affected versions
1.*
1.0.0-r0
1.0.1-r0
1.0.2-r0
1.0.3-r0
1.0.4-r0
1.0.5-r0
1.0.6-r0
1.0.7-r0
1.0.8-r0
1.0.9-r0
1.0.10-r0
1.2.0-r0
1.2.1-r0
1.2.2-r0
1.2.3-r0
1.2.4-r0
1.4.0-r0
1.4.1-r0
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.5.2-r0
1.6.1-r0
1.6.3-r0
1.8.0-r0
1.8.1-r0
1.8.1-r1
1.8.1-r2
1.10.4-r0
1.10.4-r1
1.12.0-r0
1.12.1-r0
1.12.1-r1
1.12.1-r2
1.12.3-r0
1.12.3-r1
1.14.0-r0
1.14.0-r1
1.14.1-r0
1.14.2-r0
1.14.4-r0
Alpine:v3.14 / gst-plugins-base
Package
- Name
- gst-plugins-base
- Purl
- pkg:apk/alpine/gst-plugins-base?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.16.0-r0
Affected versions
1.*
1.0.0-r0
1.0.1-r0
1.0.2-r0
1.0.3-r0
1.0.4-r0
1.0.5-r0
1.0.6-r0
1.0.7-r0
1.0.8-r0
1.0.9-r0
1.0.10-r0
1.2.0-r0
1.2.1-r0
1.2.2-r0
1.2.3-r0
1.2.4-r0
1.4.0-r0
1.4.1-r0
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.5.2-r0
1.6.1-r0
1.6.3-r0
1.8.0-r0
1.8.1-r0
1.8.1-r1
1.8.1-r2
1.10.4-r0
1.10.4-r1
1.12.0-r0
1.12.1-r0
1.12.1-r1
1.12.1-r2
1.12.3-r0
1.12.3-r1
1.14.0-r0
1.14.0-r1
1.14.1-r0
1.14.2-r0
1.14.4-r0
Alpine:v3.15 / gst-plugins-base
Package
- Name
- gst-plugins-base
- Purl
- pkg:apk/alpine/gst-plugins-base?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.16.0-r0
Affected versions
1.*
1.0.0-r0
1.0.1-r0
1.0.2-r0
1.0.3-r0
1.0.4-r0
1.0.5-r0
1.0.6-r0
1.0.7-r0
1.0.8-r0
1.0.9-r0
1.0.10-r0
1.2.0-r0
1.2.1-r0
1.2.2-r0
1.2.3-r0
1.2.4-r0
1.4.0-r0
1.4.1-r0
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.5.2-r0
1.6.1-r0
1.6.3-r0
1.8.0-r0
1.8.1-r0
1.8.1-r1
1.8.1-r2
1.10.4-r0
1.10.4-r1
1.12.0-r0
1.12.1-r0
1.12.1-r1
1.12.1-r2
1.12.3-r0
1.12.3-r1
1.14.0-r0
1.14.0-r1
1.14.1-r0
1.14.2-r0
1.14.4-r0
Alpine:v3.16 / gst-plugins-base
Package
- Name
- gst-plugins-base
- Purl
- pkg:apk/alpine/gst-plugins-base?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.16.0-r0
Affected versions
1.*
1.0.0-r0
1.0.1-r0
1.0.2-r0
1.0.3-r0
1.0.4-r0
1.0.5-r0
1.0.6-r0
1.0.7-r0
1.0.8-r0
1.0.9-r0
1.0.10-r0
1.2.0-r0
1.2.1-r0
1.2.2-r0
1.2.3-r0
1.2.4-r0
1.4.0-r0
1.4.1-r0
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.5.2-r0
1.6.1-r0
1.6.3-r0
1.8.0-r0
1.8.1-r0
1.8.1-r1
1.8.1-r2
1.10.4-r0
1.10.4-r1
1.12.0-r0
1.12.1-r0
1.12.1-r1
1.12.1-r2
1.12.3-r0
1.12.3-r1
1.14.0-r0
1.14.0-r1
1.14.1-r0
1.14.2-r0
1.14.4-r0
Alpine:v3.17 / gst-plugins-base
Package
- Name
- gst-plugins-base
- Purl
- pkg:apk/alpine/gst-plugins-base?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.16.0-r0
Affected versions
1.*
1.0.0-r0
1.0.1-r0
1.0.2-r0
1.0.3-r0
1.0.4-r0
1.0.5-r0
1.0.6-r0
1.0.7-r0
1.0.8-r0
1.0.9-r0
1.0.10-r0
1.2.0-r0
1.2.1-r0
1.2.2-r0
1.2.3-r0
1.2.4-r0
1.4.0-r0
1.4.1-r0
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.5.2-r0
1.6.1-r0
1.6.3-r0
1.8.0-r0
1.8.1-r0
1.8.1-r1
1.8.1-r2
1.10.4-r0
1.10.4-r1
1.12.0-r0
1.12.1-r0
1.12.1-r1
1.12.1-r2
1.12.3-r0
1.12.3-r1
1.14.0-r0
1.14.0-r1
1.14.1-r0
1.14.2-r0
1.14.4-r0
Alpine:v3.18 / gst-plugins-base
Package
- Name
- gst-plugins-base
- Purl
- pkg:apk/alpine/gst-plugins-base?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.16.0-r0
Affected versions
1.*
1.0.0-r0
1.0.1-r0
1.0.2-r0
1.0.3-r0
1.0.4-r0
1.0.5-r0
1.0.6-r0
1.0.7-r0
1.0.8-r0
1.0.9-r0
1.0.10-r0
1.2.0-r0
1.2.1-r0
1.2.2-r0
1.2.3-r0
1.2.4-r0
1.4.0-r0
1.4.1-r0
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.5.2-r0
1.6.1-r0
1.6.3-r0
1.8.0-r0
1.8.1-r0
1.8.1-r1
1.8.1-r2
1.10.4-r0
1.10.4-r1
1.12.0-r0
1.12.1-r0
1.12.1-r1
1.12.1-r2
1.12.3-r0
1.12.3-r1
1.14.0-r0
1.14.0-r1
1.14.1-r0
1.14.2-r0
1.14.4-r0
Alpine:v3.19 / gst-plugins-base
Package
- Name
- gst-plugins-base
- Purl
- pkg:apk/alpine/gst-plugins-base?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.16.0-r0
Affected versions
1.*
1.0.0-r0
1.0.1-r0
1.0.2-r0
1.0.3-r0
1.0.4-r0
1.0.5-r0
1.0.6-r0
1.0.7-r0
1.0.8-r0
1.0.9-r0
1.0.10-r0
1.2.0-r0
1.2.1-r0
1.2.2-r0
1.2.3-r0
1.2.4-r0
1.4.0-r0
1.4.1-r0
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.5.2-r0
1.6.1-r0
1.6.3-r0
1.8.0-r0
1.8.1-r0
1.8.1-r1
1.8.1-r2
1.10.4-r0
1.10.4-r1
1.12.0-r0
1.12.1-r0
1.12.1-r1
1.12.1-r2
1.12.3-r0
1.12.3-r1
1.14.0-r0
1.14.0-r1
1.14.1-r0
1.14.2-r0
1.14.4-r0
Alpine:v3.20 / gst-plugins-base
Package
- Name
- gst-plugins-base
- Purl
- pkg:apk/alpine/gst-plugins-base?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.16.0-r0
Affected versions
1.*
1.0.0-r0
1.0.1-r0
1.0.2-r0
1.0.3-r0
1.0.4-r0
1.0.5-r0
1.0.6-r0
1.0.7-r0
1.0.8-r0
1.0.9-r0
1.0.10-r0
1.2.0-r0
1.2.1-r0
1.2.2-r0
1.2.3-r0
1.2.4-r0
1.4.0-r0
1.4.1-r0
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.5.2-r0
1.6.1-r0
1.6.3-r0
1.8.0-r0
1.8.1-r0
1.8.1-r1
1.8.1-r2
1.10.4-r0
1.10.4-r1
1.12.0-r0
1.12.1-r0
1.12.1-r1
1.12.1-r2
1.12.3-r0
1.12.3-r1
1.14.0-r0
1.14.0-r1
1.14.1-r0
1.14.2-r0
1.14.4-r0
Alpine:v3.21 / gst-plugins-base
Package
- Name
- gst-plugins-base
- Purl
- pkg:apk/alpine/gst-plugins-base?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.16.0-r0
Affected versions
1.*
1.0.0-r0
1.0.1-r0
1.0.2-r0
1.0.3-r0
1.0.4-r0
1.0.5-r0
1.0.6-r0
1.0.7-r0
1.0.8-r0
1.0.9-r0
1.0.10-r0
1.2.0-r0
1.2.1-r0
1.2.2-r0
1.2.3-r0
1.2.4-r0
1.4.0-r0
1.4.1-r0
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.5.2-r0
1.6.1-r0
1.6.3-r0
1.8.0-r0
1.8.1-r0
1.8.1-r1
1.8.1-r2
1.10.4-r0
1.10.4-r1
1.12.0-r0
1.12.1-r0
1.12.1-r1
1.12.1-r2
1.12.3-r0
1.12.3-r1
1.14.0-r0
1.14.0-r1
1.14.1-r0
1.14.2-r0
1.14.4-r0
Alpine:v3.9 / gst-plugins-base
Package
- Name
- gst-plugins-base
- Purl
- pkg:apk/alpine/gst-plugins-base?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.14.4-r1
Affected versions
1.*
1.0.0-r0
1.0.1-r0
1.0.2-r0
1.0.3-r0
1.0.4-r0
1.0.5-r0
1.0.6-r0
1.0.7-r0
1.0.8-r0
1.0.9-r0
1.0.10-r0
1.2.0-r0
1.2.1-r0
1.2.2-r0
1.2.3-r0
1.2.4-r0
1.4.0-r0
1.4.1-r0
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.5.2-r0
1.6.1-r0
1.6.3-r0
1.8.0-r0
1.8.1-r0
1.8.1-r1
1.8.1-r2
1.10.4-r0
1.10.4-r1
1.12.0-r0
1.12.1-r0
1.12.1-r1
1.12.1-r2
1.12.3-r0
1.12.3-r1
1.14.0-r0
1.14.0-r1
1.14.1-r0
1.14.2-r0
1.14.4-r0
Debian:11 / gst-plugins-base1.0
Package
- Name
- gst-plugins-base1.0
- Purl
- pkg:deb/debian/gst-plugins-base1.0?arch=source
Debian:12 / gst-plugins-base1.0
Package
- Name
- gst-plugins-base1.0
- Purl
- pkg:deb/debian/gst-plugins-base1.0?arch=source
Debian:13 / gst-plugins-base1.0
Package
- Name
- gst-plugins-base1.0
- Purl
- pkg:deb/debian/gst-plugins-base1.0?arch=source
Git / github.com/gstreamer/gstreamer
Affected ranges
- Type
- GIT
- Repo
- https://github.com/gstreamer/gstreamer
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
gstreamer-vaapi-0.*
gstreamer-vaapi-0.5.10
gstreamer-vaapi-0.6.0
gstreamer-vaapi-0.7.0
gstreamer-vaapi-1.*
gstreamer-vaapi-1.10.0
gstreamer-vaapi-1.11.0
gstreamer-vaapi-1.11.1
gstreamer-vaapi-1.11.2
gstreamer-vaapi-1.11.90
gstreamer-vaapi-1.11.91
gstreamer-vaapi-1.12.0
gstreamer-vaapi-1.13.1
gstreamer-vaapi-1.13.90
gstreamer-vaapi-1.13.91
gstreamer-vaapi-1.14.0
gstreamer-vaapi-1.15.1
gstreamer-vaapi-1.15.2
gstreamer-vaapi-1.15.90
gstreamer-vaapi-1.6.0
gstreamer-vaapi-1.7.90
gstreamer-vaapi-1.7.91
gstreamer-vaapi-1.8.0
gstreamer-vaapi-1.9.1
gstreamer-vaapi-1.9.2
gstreamer-vaapi-1.9.90