rpm package
opensuse/vlc&distro=openSUSE Leap 15.5
pkg:rpm/opensuse/vlc&distro=openSUSE%20Leap%2015.5
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-5217 | — | KEV | < 3.0.20-bp155.2.3.1 | 3.0.20-bp155.2.3.1 | Sep 28, 2023 | Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2022-41325 | — | < 3.0.20-bp155.2.3.1 | 3.0.20-bp155.2.3.1 | Dec 6, 2022 | An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions. | ||
| CVE-2022-37434 | — | < 3.0.20-bp155.2.3.1 | 3.0.20-bp155.2.3.1 | Aug 5, 2022 | zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable t |
- affected < 3.0.20-bp155.2.3.1fixed 3.0.20-bp155.2.3.1
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2022-41325Dec 6, 2022affected < 3.0.20-bp155.2.3.1fixed 3.0.20-bp155.2.3.1
An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions.
- CVE-2022-37434Aug 5, 2022affected < 3.0.20-bp155.2.3.1fixed 3.0.20-bp155.2.3.1
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable t