Search for packages
Package details: pkg:deb/debian/vlc@3.0.17.4-0%2Bdeb10u1
purl pkg:deb/debian/vlc@3.0.17.4-0%2Bdeb10u1
Next non-vulnerable version 3.0.21-0+deb11u1
Latest non-vulnerable version 3.0.21-0+deb11u1
Risk 4.4
Vulnerabilities affecting this package (5)
Vulnerability Summary Fixed by
VCID-4ygc-xk6x-5qb5
Aliases:
CVE-2023-47360
Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet length.
3.0.21-0+deb11u1
Affected by 0 other vulnerabilities.
VCID-naqh-vqhq-b3hw
Aliases:
CVE-2024-46461
VLC media player 3.0.20 and earlier is vulnerable to denial of service through an integer overflow which could be triggered with a maliciously crafted mms stream (heap based overflow). If successful, a malicious third party could trigger either a crash of VLC or an arbitrary code execution with the target user's privileges.
3.0.21-0+deb11u1
Affected by 0 other vulnerabilities.
VCID-skzz-xkdf-xbhw
Aliases:
CVE-2022-41325
An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions.
3.0.21-0+deb11u1
Affected by 0 other vulnerabilities.
VCID-ugj8-kgfn-dbhw
Aliases:
CVE-2023-47359
Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption.
3.0.21-0+deb11u1
Affected by 0 other vulnerabilities.
VCID-wek2-y3ku-pbbs
Aliases:
DSA-5165-1 vlc
security update
3.0.21-0+deb11u1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (7)
Vulnerability Summary Aliases
VCID-2a68-4wtr-7ke1 A buffer overflow vulnerability in the vlc_input_attachment_New component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file. CVE-2021-25803
VCID-cyj2-72nh-3kgf A buffer overflow vulnerability in the __Parse_indx component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file. CVE-2021-25801
VCID-g4af-hnmu-v3bm A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media player 3.0.11 allows attackers to trigger a heap-based buffer overflow via a crafted .mkv file. CVE-2020-26664
VCID-gb3v-b7nc-ukc2 A NULL-pointer dereference in "Open" in avi.c of VideoLAN VLC Media Player 3.0.11 can a denial of service (DOS) in the application. CVE-2021-25804
VCID-hmyn-3jkb-vqd6 A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player before 3.0.11 for macOS/iOS allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted H.264 Annex-B video (.avi for example) file. CVE-2020-13428
VCID-p71q-2a5r-eydb A buffer overflow vulnerability in the AVI_ExtractSubtitle component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file. CVE-2021-25802
VCID-wek2-y3ku-pbbs security update DSA-5165-1 vlc

Date Actor Action Vulnerability Source VulnerableCode Version
2025-08-01T19:55:49.996370+00:00 Debian Oval Importer Affected by VCID-wek2-y3ku-pbbs https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T19:36:19.579627+00:00 Debian Oval Importer Fixing VCID-p71q-2a5r-eydb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T19:12:18.629390+00:00 Debian Oval Importer Fixing VCID-cyj2-72nh-3kgf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:09:31.797143+00:00 Debian Oval Importer Affected by VCID-naqh-vqhq-b3hw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:05:22.484501+00:00 Debian Oval Importer Fixing VCID-g4af-hnmu-v3bm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:10:20.917135+00:00 Debian Oval Importer Fixing VCID-hmyn-3jkb-vqd6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:42:14.039284+00:00 Debian Oval Importer Affected by VCID-skzz-xkdf-xbhw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:01:53.508322+00:00 Debian Oval Importer Affected by VCID-ugj8-kgfn-dbhw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:38:11.633083+00:00 Debian Oval Importer Fixing VCID-gb3v-b7nc-ukc2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:13:13.079224+00:00 Debian Oval Importer Fixing VCID-2a68-4wtr-7ke1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:06:11.366454+00:00 Debian Oval Importer Affected by VCID-4ygc-xk6x-5qb5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T11:46:41.013017+00:00 Debian Oval Importer Fixing VCID-g4af-hnmu-v3bm https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:46:34.656678+00:00 Debian Oval Importer Fixing VCID-cyj2-72nh-3kgf https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:44:11.743631+00:00 Debian Oval Importer Fixing VCID-p71q-2a5r-eydb https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:38:41.213534+00:00 Debian Oval Importer Fixing VCID-gb3v-b7nc-ukc2 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:34:57.360330+00:00 Debian Oval Importer Fixing VCID-wek2-y3ku-pbbs https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:33:33.239083+00:00 Debian Oval Importer Fixing VCID-hmyn-3jkb-vqd6 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:29:11.756062+00:00 Debian Oval Importer Fixing VCID-2a68-4wtr-7ke1 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0