It was discovered that VLC could be made to read out of bounds when decoding image files. If a user were tricked into opening a crafted image file, a remote attacker could possibly use this issue to cause VLC to crash, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-19721)
It was discovered that VLC could be made to write out of bounds when processing H.264 video files. If a user were tricked into opening a crafted H.264 video file, a remote attacker could possibly use this issue to cause VLC to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-13428)
It was discovered that VLC could be made to read out of bounds when processing AVI video files. If a user were tricked into opening a crafted AVI video file, a remote attacker could possibly use this issue to cause VLC to crash, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-25801, CVE-2021-25802, CVE-2021-25803, CVE-2021-25804)
It was discovered that the VNC module of VLC contained an arithmetic overflow. If a user were tricked into opening a crafted playlist or connecting to a rouge VNC server, a remote attacker could possibly use this issue to cause VLC to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2022-41325)
{
"binaries": [
{
"binary_version": "2.2.2-5ubuntu0.16.04.5+esm2",
"binary_name": "libvlc-dev"
},
{
"binary_version": "2.2.2-5ubuntu0.16.04.5+esm2",
"binary_name": "libvlc5"
},
{
"binary_version": "2.2.2-5ubuntu0.16.04.5+esm2",
"binary_name": "libvlccore-dev"
},
{
"binary_version": "2.2.2-5ubuntu0.16.04.5+esm2",
"binary_name": "libvlccore8"
},
{
"binary_version": "2.2.2-5ubuntu0.16.04.5+esm2",
"binary_name": "vlc"
},
{
"binary_version": "2.2.2-5ubuntu0.16.04.5+esm2",
"binary_name": "vlc-data"
},
{
"binary_version": "2.2.2-5ubuntu0.16.04.5+esm2",
"binary_name": "vlc-nox"
},
{
"binary_version": "2.2.2-5ubuntu0.16.04.5+esm2",
"binary_name": "vlc-plugin-fluidsynth"
},
{
"binary_version": "2.2.2-5ubuntu0.16.04.5+esm2",
"binary_name": "vlc-plugin-jack"
},
{
"binary_version": "2.2.2-5ubuntu0.16.04.5+esm2",
"binary_name": "vlc-plugin-notify"
},
{
"binary_version": "2.2.2-5ubuntu0.16.04.5+esm2",
"binary_name": "vlc-plugin-samba"
},
{
"binary_version": "2.2.2-5ubuntu0.16.04.5+esm2",
"binary_name": "vlc-plugin-sdl"
},
{
"binary_version": "2.2.2-5ubuntu0.16.04.5+esm2",
"binary_name": "vlc-plugin-svg"
},
{
"binary_version": "2.2.2-5ubuntu0.16.04.5+esm2",
"binary_name": "vlc-plugin-zvbi"
}
],
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}
{
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"cves": [
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
],
"id": "CVE-2019-19721"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2021-25801"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2021-25802"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2021-25803"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
],
"id": "CVE-2021-25804"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2022-41325"
}
]
}
{
"binaries": [
{
"binary_version": "3.0.8-0ubuntu18.04.1+esm1",
"binary_name": "libvlc-bin"
},
{
"binary_version": "3.0.8-0ubuntu18.04.1+esm1",
"binary_name": "libvlc-dev"
},
{
"binary_version": "3.0.8-0ubuntu18.04.1+esm1",
"binary_name": "libvlc5"
},
{
"binary_version": "3.0.8-0ubuntu18.04.1+esm1",
"binary_name": "libvlccore-dev"
},
{
"binary_version": "3.0.8-0ubuntu18.04.1+esm1",
"binary_name": "libvlccore9"
},
{
"binary_version": "3.0.8-0ubuntu18.04.1+esm1",
"binary_name": "vlc"
},
{
"binary_version": "3.0.8-0ubuntu18.04.1+esm1",
"binary_name": "vlc-bin"
},
{
"binary_version": "3.0.8-0ubuntu18.04.1+esm1",
"binary_name": "vlc-data"
},
{
"binary_version": "3.0.8-0ubuntu18.04.1+esm1",
"binary_name": "vlc-l10n"
},
{
"binary_version": "3.0.8-0ubuntu18.04.1+esm1",
"binary_name": "vlc-plugin-access-extra"
},
{
"binary_version": "3.0.8-0ubuntu18.04.1+esm1",
"binary_name": "vlc-plugin-base"
},
{
"binary_version": "3.0.8-0ubuntu18.04.1+esm1",
"binary_name": "vlc-plugin-fluidsynth"
},
{
"binary_version": "3.0.8-0ubuntu18.04.1+esm1",
"binary_name": "vlc-plugin-jack"
},
{
"binary_version": "3.0.8-0ubuntu18.04.1+esm1",
"binary_name": "vlc-plugin-notify"
},
{
"binary_version": "3.0.8-0ubuntu18.04.1+esm1",
"binary_name": "vlc-plugin-qt"
},
{
"binary_version": "3.0.8-0ubuntu18.04.1+esm1",
"binary_name": "vlc-plugin-samba"
},
{
"binary_version": "3.0.8-0ubuntu18.04.1+esm1",
"binary_name": "vlc-plugin-skins2"
},
{
"binary_version": "3.0.8-0ubuntu18.04.1+esm1",
"binary_name": "vlc-plugin-svg"
},
{
"binary_version": "3.0.8-0ubuntu18.04.1+esm1",
"binary_name": "vlc-plugin-video-output"
},
{
"binary_version": "3.0.8-0ubuntu18.04.1+esm1",
"binary_name": "vlc-plugin-video-splitter"
},
{
"binary_version": "3.0.8-0ubuntu18.04.1+esm1",
"binary_name": "vlc-plugin-visualization"
},
{
"binary_version": "3.0.8-0ubuntu18.04.1+esm1",
"binary_name": "vlc-plugin-zvbi"
}
],
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}
{
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"cves": [
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
],
"id": "CVE-2019-19721"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2020-13428"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2021-25801"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2021-25802"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2021-25803"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
],
"id": "CVE-2021-25804"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2022-41325"
}
]
}
{
"binaries": [
{
"binary_version": "3.0.9.2-1ubuntu0.1~esm1",
"binary_name": "libvlc-bin"
},
{
"binary_version": "3.0.9.2-1ubuntu0.1~esm1",
"binary_name": "libvlc-dev"
},
{
"binary_version": "3.0.9.2-1ubuntu0.1~esm1",
"binary_name": "libvlc5"
},
{
"binary_version": "3.0.9.2-1ubuntu0.1~esm1",
"binary_name": "libvlccore-dev"
},
{
"binary_version": "3.0.9.2-1ubuntu0.1~esm1",
"binary_name": "libvlccore9"
},
{
"binary_version": "3.0.9.2-1ubuntu0.1~esm1",
"binary_name": "vlc"
},
{
"binary_version": "3.0.9.2-1ubuntu0.1~esm1",
"binary_name": "vlc-bin"
},
{
"binary_version": "3.0.9.2-1ubuntu0.1~esm1",
"binary_name": "vlc-data"
},
{
"binary_version": "3.0.9.2-1ubuntu0.1~esm1",
"binary_name": "vlc-l10n"
},
{
"binary_version": "3.0.9.2-1ubuntu0.1~esm1",
"binary_name": "vlc-plugin-access-extra"
},
{
"binary_version": "3.0.9.2-1ubuntu0.1~esm1",
"binary_name": "vlc-plugin-base"
},
{
"binary_version": "3.0.9.2-1ubuntu0.1~esm1",
"binary_name": "vlc-plugin-fluidsynth"
},
{
"binary_version": "3.0.9.2-1ubuntu0.1~esm1",
"binary_name": "vlc-plugin-jack"
},
{
"binary_version": "3.0.9.2-1ubuntu0.1~esm1",
"binary_name": "vlc-plugin-notify"
},
{
"binary_version": "3.0.9.2-1ubuntu0.1~esm1",
"binary_name": "vlc-plugin-qt"
},
{
"binary_version": "3.0.9.2-1ubuntu0.1~esm1",
"binary_name": "vlc-plugin-samba"
},
{
"binary_version": "3.0.9.2-1ubuntu0.1~esm1",
"binary_name": "vlc-plugin-skins2"
},
{
"binary_version": "3.0.9.2-1ubuntu0.1~esm1",
"binary_name": "vlc-plugin-svg"
},
{
"binary_version": "3.0.9.2-1ubuntu0.1~esm1",
"binary_name": "vlc-plugin-video-output"
},
{
"binary_version": "3.0.9.2-1ubuntu0.1~esm1",
"binary_name": "vlc-plugin-video-splitter"
},
{
"binary_version": "3.0.9.2-1ubuntu0.1~esm1",
"binary_name": "vlc-plugin-visualization"
}
],
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}
{
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"cves": [
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2020-13428"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2021-25801"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2021-25802"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2021-25803"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
],
"id": "CVE-2021-25804"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2022-41325"
}
]
}
{
"binaries": [
{
"binary_version": "3.0.16-1ubuntu0.1~esm1",
"binary_name": "libvlc-bin"
},
{
"binary_version": "3.0.16-1ubuntu0.1~esm1",
"binary_name": "libvlc-dev"
},
{
"binary_version": "3.0.16-1ubuntu0.1~esm1",
"binary_name": "libvlc5"
},
{
"binary_version": "3.0.16-1ubuntu0.1~esm1",
"binary_name": "libvlccore-dev"
},
{
"binary_version": "3.0.16-1ubuntu0.1~esm1",
"binary_name": "libvlccore9"
},
{
"binary_version": "3.0.16-1ubuntu0.1~esm1",
"binary_name": "vlc"
},
{
"binary_version": "3.0.16-1ubuntu0.1~esm1",
"binary_name": "vlc-bin"
},
{
"binary_version": "3.0.16-1ubuntu0.1~esm1",
"binary_name": "vlc-data"
},
{
"binary_version": "3.0.16-1ubuntu0.1~esm1",
"binary_name": "vlc-l10n"
},
{
"binary_version": "3.0.16-1ubuntu0.1~esm1",
"binary_name": "vlc-plugin-access-extra"
},
{
"binary_version": "3.0.16-1ubuntu0.1~esm1",
"binary_name": "vlc-plugin-base"
},
{
"binary_version": "3.0.16-1ubuntu0.1~esm1",
"binary_name": "vlc-plugin-fluidsynth"
},
{
"binary_version": "3.0.16-1ubuntu0.1~esm1",
"binary_name": "vlc-plugin-jack"
},
{
"binary_version": "3.0.16-1ubuntu0.1~esm1",
"binary_name": "vlc-plugin-notify"
},
{
"binary_version": "3.0.16-1ubuntu0.1~esm1",
"binary_name": "vlc-plugin-qt"
},
{
"binary_version": "3.0.16-1ubuntu0.1~esm1",
"binary_name": "vlc-plugin-samba"
},
{
"binary_version": "3.0.16-1ubuntu0.1~esm1",
"binary_name": "vlc-plugin-skins2"
},
{
"binary_version": "3.0.16-1ubuntu0.1~esm1",
"binary_name": "vlc-plugin-svg"
},
{
"binary_version": "3.0.16-1ubuntu0.1~esm1",
"binary_name": "vlc-plugin-video-output"
},
{
"binary_version": "3.0.16-1ubuntu0.1~esm1",
"binary_name": "vlc-plugin-video-splitter"
},
{
"binary_version": "3.0.16-1ubuntu0.1~esm1",
"binary_name": "vlc-plugin-visualization"
}
],
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}
{
"ecosystem": "Ubuntu:Pro:22.04:LTS",
"cves": [
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2022-41325"
}
]
}