GStreamer before 1.18.4 might do an out-of-bounds read when handling certain ID3v2 tags. Reference: https://gstreamer.freedesktop.org/security/sa-2021-0001.html
Created mingw-gstreamer-plugins-base tracking bugs for this issue: Affects: fedora-all [bug 1954762]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-3522