Your submission was sent successfully! Close

CVE-2021-25801

Published: 26 July 2021

A buffer overflow vulnerability in the __Parse_indx component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.

Priority

Medium

CVSS 3 base score: 7.1

Status

Package Release Status
vlc
Launchpad, Ubuntu, Debian
bionic Needs triage

focal Needs triage

hirsute Not vulnerable
(3.0.12-3)
impish Not vulnerable

jammy Not vulnerable

trusty Does not exist

upstream
Released (3.0.12-1)
xenial Ignored
(out of standard support)