QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2024-47599

Back to search

CVE-2024-47599

Published: Dec 11, 2024

Modified: Nov 3, 2025

PUBLISHED

Description

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_jpeg_dec_negotiate function in gstjpegdec.c. This function does not check for a NULL return value from gst_video_decoder_set_output_state. When this happens, dereferences of the outstate pointer will lead to a null pointer dereference. This vulnerability can result in a Denial of Service (DoS) by triggering a segmentation fault (SEGV). This vulnerability is fixed in 1.24.10.

VendorProductVersions

gstreamer

gstreamer

affected
< 1.24.10

Weaknesses (CWE)

CWE-476

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now