FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2026-03-27 11:35:40 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
750ab972-b3e8-11ef-b680-4ccc6adda413	gstreamer1-plugins-good -- multiple vulnerabilities The GStreamer Security Center reports: 20 security bugs. CVE-2024-47537: Integer overflow in MP4/MOV sample table parser leading to out-of-bounds writes CVE-2024-47598: MP4/MOV sample table parser out-of-bounds read CVE-2024-47539: MP4/MOV Closed Caption handling out-of-bounds write CVE-2024-47543: MP4/MOV demuxer out-of-bounds read CVE-2024-47545: Integer overflow in MP4/MOV demuxer that can result in out-of-bounds read CVE-2024-47544: NULL-pointer dereferences in MP4/MOV demuxer CENC handling CVE-2024-47597: Out-of-bounds reads in MP4/MOV demuxer sample table parser CVE-2024-47546: Integer underflow in MP4/MOV demuxer that can lead to out-of-bounds reads CVE-2024-47606: Integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes CVE-2024-47596: Integer underflow in MP4/MOV demuxer that can lead to out-of-bounds reads CVE-2024-47540: Usage of uninitialized stack memory in Matroska/WebM demuxer CVE-2024-47602: NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer CVE-2024-47601: NULL-pointer dereference in Matroska/WebM demuxer CVE-2024-47603: NULL-pointer dereference in Matroska/WebM demuxer CVE-2024-47775: Out-of-bounds read in WAV parser CVE-2024-47776: Out-of-bounds read in WAV parser CVE-2024-47777: Out-of-bounds read in WAV parser CVE-2024-47778: Out-of-bounds read in WAV parser CVE-2024-47774: Integer overflow in AVI subtitle parser that leads to out-of-bounds reads CVE-2024-47834: Use-after-free in Matroska demuxer Discovery 2024-12-03 Entry 2024-12-06 gstreamer1-plugins-good < 1.24.10 CVE-2024-47537 https://gstreamer.freedesktop.org/security/sa-2024-0005.html CVE-2024-47598 https://gstreamer.freedesktop.org/security/sa-2024-0006.html CVE-2024-47539 https://gstreamer.freedesktop.org/security/sa-2024-0007.html CVE-2024-47543 https://gstreamer.freedesktop.org/security/sa-2024-0009.html CVE-2024-47545 https://gstreamer.freedesktop.org/security/sa-2024-0010.html CVE-2024-47544 https://gstreamer.freedesktop.org/security/sa-2024-0011.html CVE-2024-47597 https://gstreamer.freedesktop.org/security/sa-2024-0012.html CVE-2024-47546 https://gstreamer.freedesktop.org/security/sa-2024-0013.html CVE-2024-47606 https://gstreamer.freedesktop.org/security/sa-2024-0014.html CVE-2024-47596 https://gstreamer.freedesktop.org/security/sa-2024-0015.html CVE-2024-47540 https://gstreamer.freedesktop.org/security/sa-2024-0017.html CVE-2024-47602 https://gstreamer.freedesktop.org/security/sa-2024-0019.html CVE-2024-47601 https://gstreamer.freedesktop.org/security/sa-2024-0020.html CVE-2024-47603 https://gstreamer.freedesktop.org/security/sa-2024-0021.html CVE-2024-47775 https://gstreamer.freedesktop.org/security/sa-2024-0027.html CVE-2024-47776 https://gstreamer.freedesktop.org/security/sa-2024-0027.html CVE-2024-47777 https://gstreamer.freedesktop.org/security/sa-2024-0027.html CVE-2024-47778 https://gstreamer.freedesktop.org/security/sa-2024-0027.html CVE-2024-47835 https://gstreamer.freedesktop.org/security/sa-2024-0028.html CVE-2024-47834 https://gstreamer.freedesktop.org/security/sa-2024-0030.html
791d4b29-19fb-11f1-87cc-e73692421fef	gstreamer1 -- multiple vulnerabilities The GStreamer project reports multiple security vulnerabilities fixed in the 1.28.1 release: Twelve security vulnerabilities were addressed, including: Out-of-bounds reads and writes in the H.266 video parser, WAV parser, MP4 and ASF demuxers, and DVB subtitle decoder. Integer overflows in the RIFF parser and Huffman table handling in the JPEG parser. Stack buffer overflows in the RTP QDM2 depayloader and H.266 parser. These could lead to application crashes or potentially arbitrary code execution. Discovery 2026-02-25 Entry 2026-03-07 gstreamer1 < 1.28.1 gstreamer1-plugins < 1.28.1 gstreamer1-plugins-good < 1.28.1 gstreamer1-plugins-bad < 1.28.1 gstreamer1-plugins-ugly < 1.28.1 CVE-2026-1940 CVE-2026-3082 CVE-2026-2921 CVE-2026-2922 CVE-2026-2920 CVE-2026-2923 CVE-2026-3083 CVE-2026-3085 CVE-2026-3086 CVE-2026-3081 CVE-2026-3084 https://gstreamer.freedesktop.org/security/sa-2026-0001.html https://gstreamer.freedesktop.org/security/sa-2026-0002.html https://gstreamer.freedesktop.org/security/sa-2026-0003.html https://gstreamer.freedesktop.org/security/sa-2026-0004.html https://gstreamer.freedesktop.org/security/sa-2026-0005.html https://gstreamer.freedesktop.org/security/sa-2026-0006.html https://gstreamer.freedesktop.org/security/sa-2026-0007.html https://gstreamer.freedesktop.org/security/sa-2026-0008.html https://gstreamer.freedesktop.org/security/sa-2026-0009.html https://gstreamer.freedesktop.org/security/sa-2026-0010.html https://gstreamer.freedesktop.org/security/sa-2026-0011.html https://gstreamer.freedesktop.org/security/sa-2026-0012.html

VuXML ID

Description

750ab972-b3e8-11ef-b680-4ccc6adda413

gstreamer1-plugins-good -- multiple vulnerabilities

The GStreamer Security Center reports:

20 security bugs.

CVE-2024-47537: Integer overflow in MP4/MOV sample table parser leading to out-of-bounds writes

CVE-2024-47598: MP4/MOV sample table parser out-of-bounds read

CVE-2024-47539: MP4/MOV Closed Caption handling out-of-bounds write

CVE-2024-47543: MP4/MOV demuxer out-of-bounds read

CVE-2024-47545: Integer overflow in MP4/MOV demuxer that can result in out-of-bounds read

CVE-2024-47544: NULL-pointer dereferences in MP4/MOV demuxer CENC handling

CVE-2024-47597: Out-of-bounds reads in MP4/MOV demuxer sample table parser

CVE-2024-47546: Integer underflow in MP4/MOV demuxer that can lead to out-of-bounds reads

CVE-2024-47606: Integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes

CVE-2024-47596: Integer underflow in MP4/MOV demuxer that can lead to out-of-bounds reads

CVE-2024-47540: Usage of uninitialized stack memory in Matroska/WebM demuxer

CVE-2024-47602: NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer

CVE-2024-47601: NULL-pointer dereference in Matroska/WebM demuxer

CVE-2024-47603: NULL-pointer dereference in Matroska/WebM demuxer

CVE-2024-47775: Out-of-bounds read in WAV parser

CVE-2024-47776: Out-of-bounds read in WAV parser

CVE-2024-47777: Out-of-bounds read in WAV parser

CVE-2024-47778: Out-of-bounds read in WAV parser

CVE-2024-47774: Integer overflow in AVI subtitle parser that leads to out-of-bounds reads

CVE-2024-47834: Use-after-free in Matroska demuxer

Discovery 2024-12-03
Entry 2024-12-06
gstreamer1-plugins-good

< 1.24.10

CVE-2024-47537
https://gstreamer.freedesktop.org/security/sa-2024-0005.html
CVE-2024-47598
https://gstreamer.freedesktop.org/security/sa-2024-0006.html
CVE-2024-47539
https://gstreamer.freedesktop.org/security/sa-2024-0007.html
CVE-2024-47543
https://gstreamer.freedesktop.org/security/sa-2024-0009.html
CVE-2024-47545
https://gstreamer.freedesktop.org/security/sa-2024-0010.html
CVE-2024-47544
https://gstreamer.freedesktop.org/security/sa-2024-0011.html
CVE-2024-47597
https://gstreamer.freedesktop.org/security/sa-2024-0012.html
CVE-2024-47546
https://gstreamer.freedesktop.org/security/sa-2024-0013.html
CVE-2024-47606
https://gstreamer.freedesktop.org/security/sa-2024-0014.html
CVE-2024-47596
https://gstreamer.freedesktop.org/security/sa-2024-0015.html
CVE-2024-47540
https://gstreamer.freedesktop.org/security/sa-2024-0017.html
CVE-2024-47602
https://gstreamer.freedesktop.org/security/sa-2024-0019.html
CVE-2024-47601
https://gstreamer.freedesktop.org/security/sa-2024-0020.html
CVE-2024-47603
https://gstreamer.freedesktop.org/security/sa-2024-0021.html
CVE-2024-47775
https://gstreamer.freedesktop.org/security/sa-2024-0027.html
CVE-2024-47776
https://gstreamer.freedesktop.org/security/sa-2024-0027.html
CVE-2024-47777
https://gstreamer.freedesktop.org/security/sa-2024-0027.html
CVE-2024-47778
https://gstreamer.freedesktop.org/security/sa-2024-0027.html
CVE-2024-47835
https://gstreamer.freedesktop.org/security/sa-2024-0028.html
CVE-2024-47834
https://gstreamer.freedesktop.org/security/sa-2024-0030.html

791d4b29-19fb-11f1-87cc-e73692421fef

gstreamer1 -- multiple vulnerabilities

The GStreamer project reports multiple security vulnerabilities fixed in the 1.28.1 release:

Twelve security vulnerabilities were addressed, including:

Out-of-bounds reads and writes in the H.266 video parser, WAV parser, MP4 and ASF demuxers, and DVB subtitle decoder.

Integer overflows in the RIFF parser and Huffman table handling in the JPEG parser.

Stack buffer overflows in the RTP QDM2 depayloader and H.266 parser.

These could lead to application crashes or potentially arbitrary code execution.

Discovery 2026-02-25
Entry 2026-03-07
gstreamer1

< 1.28.1

gstreamer1-plugins

< 1.28.1

gstreamer1-plugins-good

< 1.28.1

gstreamer1-plugins-bad

< 1.28.1

gstreamer1-plugins-ugly

< 1.28.1

CVE-2026-1940
CVE-2026-3082
CVE-2026-2921
CVE-2026-2922
CVE-2026-2920
CVE-2026-2923
CVE-2026-3083
CVE-2026-3085
CVE-2026-3086
CVE-2026-3081
CVE-2026-3084
https://gstreamer.freedesktop.org/security/sa-2026-0001.html
https://gstreamer.freedesktop.org/security/sa-2026-0002.html
https://gstreamer.freedesktop.org/security/sa-2026-0003.html
https://gstreamer.freedesktop.org/security/sa-2026-0004.html
https://gstreamer.freedesktop.org/security/sa-2026-0005.html
https://gstreamer.freedesktop.org/security/sa-2026-0006.html
https://gstreamer.freedesktop.org/security/sa-2026-0007.html
https://gstreamer.freedesktop.org/security/sa-2026-0008.html
https://gstreamer.freedesktop.org/security/sa-2026-0009.html
https://gstreamer.freedesktop.org/security/sa-2026-0010.html
https://gstreamer.freedesktop.org/security/sa-2026-0011.html
https://gstreamer.freedesktop.org/security/sa-2026-0012.html