{"id":"CVE-2021-3185","details":"A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution.","modified":"2026-03-14T10:56:12.653773Z","published":"2021-01-26T18:16:28.067Z","related":["MGASA-2021-0079","SUSE-SU-2021:1819-1","SUSE-SU-2021:1873-1","SUSE-SU-2021:1875-1","SUSE-SU-2021:1904-1","SUSE-SU-2021:1944-1","openSUSE-SU-2021:0822-1","openSUSE-SU-2021:1012-1","openSUSE-SU-2021:1819-1","openSUSE-SU-2024:11776-1","openSUSE-SU-2024:11777-1","openSUSE-SU-2024:11778-1","openSUSE-SU-2024:11782-1"],"references":[{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202208-31"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1917192"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/gstreamer/gst-plugins-bad","events":[{"introduced":"0"},{"fixed":"e5c3c106a2da607953fea36e3a253b382c939684"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.18.1"}]}}],"versions":["1.0.0","1.0.1","1.0.2","1.1.1","1.1.2","1.1.3","1.1.4","1.1.90","1.10.0","1.11.0","1.11.1","1.11.2","1.11.90","1.11.91","1.12.0","1.13.1","1.13.90","1.13.91","1.14.0","1.15.1","1.15.2","1.15.90","1.16.0","1.17.1","1.17.2","1.17.90","1.18.0","1.2.0","1.3.1","1.3.2","1.3.3","1.3.90","1.4.0","1.5.1","1.5.2","1.5.90","1.5.91","1.6.0","1.7.1","1.7.2","1.7.90","1.7.91","1.8.0","1.9.1","1.9.2","1.9.90","BEFORE_INDENT","BRANCH-ERROR-ROOT","BRANCH-EVENTS2-ROOT","BRANCH-GSTREAMER-0_8-ROOT","CAPS","CAPS-MERGE-3","CAPS-ROOT","CHANGELOG_START","DEBIAN-0_3_1-1","GIT_CONVERSION","MOVE-TO-FDO","OSLOSUMMIT1-200303051","RELEASE-0.10.12","RELEASE-0.10.13","RELEASE-0.10.14","RELEASE-0.10.15","RELEASE-0.10.16","RELEASE-0.10.17","RELEASE-0.10.18","RELEASE-0.10.19","RELEASE-0.10.20","RELEASE-0.10.21","RELEASE-0.10.22","RELEASE-0.11.1","RELEASE-0.11.2","RELEASE-0.11.90","RELEASE-0.11.91","RELEASE-0.11.92","RELEASE-0.11.93","RELEASE-0.11.94","RELEASE-0.11.99","RELEASE-0_10_0","RELEASE-0_10_1","RELEASE-0_10_10","RELEASE-0_10_11","RELEASE-0_10_12","RELEASE-0_10_13","RELEASE-0_10_14","RELEASE-0_10_15","RELEASE-0_10_16","RELEASE-0_10_17","RELEASE-0_10_18","RELEASE-0_10_19","RELEASE-0_10_2","RELEASE-0_10_20","RELEASE-0_10_21","RELEASE-0_10_3","RELEASE-0_10_4","RELEASE-0_10_5","RELEASE-0_10_6","RELEASE-0_10_7","RELEASE-0_10_8","RELEASE-0_10_9","RELEASE-0_9_1","RELEASE-0_9_2","RELEASE-0_9_3","RELEASE-0_9_4","RELEASE-0_9_5","RELEASE-0_9_6","RELEASE-0_9_7","TYPEFIND-ROOT","start"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3185.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}