rpm package
opensuse/libaom&distro=openSUSE Leap 15.0
pkg:rpm/opensuse/libaom&distro=openSUSE%20Leap%2015.0
Vulnerabilities (7)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-5460 | — | < 1.0.0-lp150.2.1 | 1.0.0-lp150.2.1 | Jul 30, 2019 | Double Free in VLC versions <= 3.0.6 leads to a crash. | ||
| CVE-2019-5459 | — | < 1.0.0-lp150.2.1 | 1.0.0-lp150.2.1 | Jul 30, 2019 | An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read. | ||
| CVE-2019-13962 | — | < 1.0.0-lp150.2.1 | 1.0.0-lp150.2.1 | Jul 18, 2019 | lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height. | ||
| CVE-2019-13602 | — | < 1.0.0-lp150.2.1 | 1.0.0-lp150.2.1 | Jul 14, 2019 | An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file. | ||
| CVE-2019-12874 | — | < 1.0.0-lp150.2.1 | 1.0.0-lp150.2.1 | Jun 18, 2019 | An issue was discovered in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x through 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free. | ||
| CVE-2019-5439 | — | < 1.0.0-lp150.2.1 | 1.0.0-lp150.2.1 | Jun 13, 2019 | A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit. | ||
| CVE-2018-19857 | — | < 1.0.0-lp150.2.1 | 1.0.0-lp150.2.1 | Dec 5, 2018 | The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF files, because a ReadKukiChunk() cast converts a return value to an unsigned int even if that value is negative. This could |
- CVE-2019-5460Jul 30, 2019affected < 1.0.0-lp150.2.1fixed 1.0.0-lp150.2.1
Double Free in VLC versions <= 3.0.6 leads to a crash.
- CVE-2019-5459Jul 30, 2019affected < 1.0.0-lp150.2.1fixed 1.0.0-lp150.2.1
An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.
- CVE-2019-13962Jul 18, 2019affected < 1.0.0-lp150.2.1fixed 1.0.0-lp150.2.1
lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height.
- CVE-2019-13602Jul 14, 2019affected < 1.0.0-lp150.2.1fixed 1.0.0-lp150.2.1
An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file.
- CVE-2019-12874Jun 18, 2019affected < 1.0.0-lp150.2.1fixed 1.0.0-lp150.2.1
An issue was discovered in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x through 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free.
- CVE-2019-5439Jun 13, 2019affected < 1.0.0-lp150.2.1fixed 1.0.0-lp150.2.1
A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit.
- CVE-2018-19857Dec 5, 2018affected < 1.0.0-lp150.2.1fixed 1.0.0-lp150.2.1
The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF files, because a ReadKukiChunk() cast converts a return value to an unsigned int even if that value is negative. This could