{"affected":[{"ecosystem_specific":{"binaries":[{"gstreamer-plugins-base":"1.22.9-3.1","libgstallocators-1_0-0":"1.22.9-3.1","libgstapp-1_0-0":"1.22.9-3.1","libgstaudio-1_0-0":"1.22.9-3.1","libgstgl-1_0-0":"1.22.9-3.1","libgstpbutils-1_0-0":"1.22.9-3.1","libgstriff-1_0-0":"1.22.9-3.1","libgsttag-1_0-0":"1.22.9-3.1","libgstvideo-1_0-0":"1.22.9-3.1"}]},"package":{"ecosystem":"SUSE:Linux Micro 6.0","name":"gstreamer-plugins-base","purl":"pkg:rpm/suse/gstreamer-plugins-base&distro=SUSE%20Linux%20Micro%206.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.22.9-3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for gstreamer-plugins-base fixes the following issues:\n\n- CVE-2025-47807: Fixed NULL-pointer dereference in SubRip subtitle parser (bsc#1244403)\n- CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer subtitle parser (bsc#1244404)\n- CVE-2025-47806: Fixed Stack buffer overflow in SubRip subtitle parser (bsc#1244407)\n","id":"SUSE-SU-2025:20507-1","modified":"2025-07-24T11:46:58Z","published":"2025-07-24T11:46:58Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202520507-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1244403"},{"type":"REPORT","url":"https://bugzilla.suse.com/1244404"},{"type":"REPORT","url":"https://bugzilla.suse.com/1244407"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-47806"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-47807"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-47808"}],"related":["CVE-2025-47806","CVE-2025-47807","CVE-2025-47808"],"summary":"Security update for gstreamer-plugins-base","upstream":["CVE-2025-47806","CVE-2025-47807","CVE-2025-47808"]}