EPSS
Percentile
84.4%
The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.
bugzilla.redhat.com/show_bug.cgi?id=1401918