{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T06:13:10.627","vulnerabilities":[{"cve":{"id":"CVE-2024-47542","sourceIdentifier":"security-advisories@github.com","published":"2024-12-12T02:03:28.630","lastModified":"2026-03-17T15:52:33.870","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2_read_synch_uint function, located in id3v2.c. If id3v2_read_synch_uint is called with a null work->hdr.frame_data, the pointer guint8 *data is accessed without validation, resulting in a null pointer dereference. This vulnerability can result in a Denial of Service (DoS) by triggering a segmentation fault (SEGV). This vulnerability is fixed in 1.24.10."},{"lang":"es","value":"GStreamer es una librería para construir gráficos de componentes de manejo de medios. Se ha descubierto una desreferencia de puntero nulo en la función id3v2_read_synch_uint, ubicada en id3v2.c. Si se llama a id3v2_read_synch_uint con un work-&gt;hdr.frame_data nulo, se accede al puntero guint8 *data sin validación, lo que da como resultado una desreferencia de puntero nulo. Esta vulnerabilidad puede resultar en una denegación de servicio (DoS) al activar un error de segmentación (SEGV). Esta vulnerabilidad se corrigió en 1.24.10."}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"},{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gstreamer:gstreamer:*:*:*:*:*:*:*:*","versionEndExcluding":"1.24.10","matchCriteriaId":"1B92A50A-2A86-49C9-9E3E-CE01EBC1987B"}]}]}],"references":[{"url":"https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8033.patch","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://gstreamer.freedesktop.org/security/sa-2024-0008.html","source":"security-advisories@github.com","tags":["Patch","Release Notes","Third Party Advisory"]},{"url":"https://securitylab.github.com/advisories/GHSL-2024-235_Gstreamer/","source":"security-advisories@github.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/12/msg00021.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}