CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-25801

A buffer overflow vulnerability in the __Parse_indx component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.026

EPSS Ranking 85.1%

CVSS Severity

CVSS v3 Score 7.1

CVSS v2 Score 5.8

References

https://code.videolan.org/videolan/vlc-3.0/-/commit/f5f8cc3ab8825f178de3f6714bfbff8b3f293fd2
https://code.videolan.org/videolan/vlc-3.0/-/commit/f5f8cc3ab8825f178de3f6714bfbff8b3f293fd2

Products affected by CVE-2021-25801

Videolan » Vlc Media Player » Version: 3.0.11

cpe:2.3:a:videolan:vlc_media_player:3.0.11

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-25801

Products

Pricing

Contact Us