CVE-2024-47544

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-47544

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-47544.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-47544

Downstream

DEBIAN-CVE-2024-47544

DLA-4071-1

DSA-5838-1

MINI-rr4f-6pg2-5hqr

OESA-2024-2592

OESA-2024-2593

OESA-2024-2594

OESA-2024-2595

OESA-2024-2596

RHSA-2025:7242

RLSA-2025:7242

SUSE-SU-2025:0055-1

SUSE-SU-2025:0063-1

SUSE-SU-2025:0064-1

SUSE-SU-2025:0067-1

SUSE-SU-2025:02055-1

UBUNTU-CVE-2024-47544

USN-7176-1

Related

Published

2024-12-11T18:57:31Z

Modified

2025-10-14T14:33:07Z

Severity

6.8 (Medium) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVSS Calculator

Summary

GHSL-2024-238: GStreamer has NULL-pointer dereferences in MP4/MOV demuxer CENC handling

Details

GStreamer is a library for constructing graphs of media-handling components. The function qtdemuxparsesbgp in qtdemux.c is affected by a null dereference vulnerability. This vulnerability is fixed in 1.24.10.

References

Affected packages

Git /

Affected ranges

Database specific

{
    "unresolved_versions": [
        {
            "events": [
                {
                    "introduced": "0"
                },
                {
                    "fixed": "1.24.10"
                }
            ],
            "type": ""
        }
    ]
}