Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-ufqp-rwut-g3dc
SummaryThe StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec.c) and (2) the Text decoder (modules/codec/subtitles/subsusf.c) in VideoLAN VLC Media Player 1.1 before 1.1.6-rc allows remote attackers to execute arbitrary code via a subtitle with an opening "<" without a closing ">" in an MKV file, which triggers heap memory corruption, as demonstrated using refined-australia-blu720p-sample.mkv.
Aliases
0
alias CVE-2011-0522
Fixed_packages
0
url pkg:deb/debian/vlc@1.1.3-1squeeze2?distro=trixie
purl pkg:deb/debian/vlc@1.1.3-1squeeze2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.3-1squeeze2%3Fdistro=trixie
1
url pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie
5
url pkg:ebuild/media-video/vlc@2.1.2
purl pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-0522
reference_id
reference_type
scores
0
value 0.66189
scoring_system epss
scoring_elements 0.98542
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-0522
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0522
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0522
2
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/16108.txt
reference_id CVE-2011-0522;OSVDB-72906;OSVDB-72905
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/16108.txt
3
reference_url https://security.gentoo.org/glsa/201411-01
reference_id GLSA-201411-01
reference_type
scores
url https://security.gentoo.org/glsa/201411-01
Weaknesses
Exploits
0
date_added 2011-02-03
description VideoLAN VLC Media Player 1.1 - Subtitle 'StripTags()' Memory Corruption
required_action null
due_date null
notes null
known_ransomware_campaign_use false
source_date_published 2011-02-03
exploit_type dos
platform multiple
source_date_updated 2016-11-15
data_source Exploit-DB
source_url
Severity_range_scorenull
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-ufqp-rwut-g3dc