rpm package
suse/vlc&distro=SUSE Package Hub 15 SP3
pkg:rpm/suse/vlc&distro=SUSE%20Package%20Hub%2015%20SP3
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-41325 | Hig | 7.8 | < 3.0.18-bp153.2.6.1 | 3.0.18-bp153.2.6.1 | Dec 6, 2022 | An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions. | |
| CVE-2021-0561 | Med | 5.5 | < 3.0.18-bp153.2.6.1 | 3.0.18-bp153.2.6.1 | Jun 22, 2021 | In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Produc | |
| CVE-2020-0499 | Med | 4.3 | < 3.0.18-bp153.2.6.1 | 3.0.18-bp153.2.6.1 | Dec 15, 2020 | In FLAC__bitreader_read_rice_signed_block of bitreader.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: An |
- affected < 3.0.18-bp153.2.6.1fixed 3.0.18-bp153.2.6.1
An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions.
- affected < 3.0.18-bp153.2.6.1fixed 3.0.18-bp153.2.6.1
In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Produc
- affected < 3.0.18-bp153.2.6.1fixed 3.0.18-bp153.2.6.1
In FLAC__bitreader_read_rice_signed_block of bitreader.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: An