CVE-2021-25804 — NULL Pointer Dereference in VLC Media Player

Severity

7.5HIGHNVD

EPSS

1.0%

top 22.96%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedJul 26

Latest updateJun 20

Description

A NULL-pointer dereference in "Open" in avi.c of VideoLAN VLC Media Player 3.0.11 can a denial of service (DOS) in the application.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

GHSA

GHSA-qpmj-gfg7-c4vm: A NULL-pointer dereference in "Open" in avi↗2022-05-24

▶

CVEList

CVE-2021-25804: A NULL-pointer dereference in "Open" in avi↗2021-07-26

▶

OSV

CVE-2021-25804: A NULL-pointer dereference in "Open" in avi↗2021-07-26

▶

Ubuntu

VLC media player vulnerabilities↗2023-06-20

▶

Debian

CVE-2021-25804: vlc - A NULL-pointer dereference in "Open" in avi.c of VideoLAN VLC Media Player 3.0.1...↗2021

▶