vulnerability
Ubuntu: USN-4805-1 (CVE-2018-11529): VLC vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Jul 11, 2018 | Mar 22, 2023 | Mar 27, 2026 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Jul 11, 2018
Added
Mar 22, 2023
Modified
Mar 27, 2026
Description
VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions.
Solutions
ubuntu-pro-upgrade-libvlc5ubuntu-pro-upgrade-libvlccore7ubuntu-pro-upgrade-libvlccore8ubuntu-pro-upgrade-vlcubuntu-pro-upgrade-vlc-dataubuntu-pro-upgrade-vlc-noxubuntu-pro-upgrade-vlc-plugin-fluidsynthubuntu-pro-upgrade-vlc-plugin-jackubuntu-pro-upgrade-vlc-plugin-notifyubuntu-pro-upgrade-vlc-plugin-pulseubuntu-pro-upgrade-vlc-plugin-sambaubuntu-pro-upgrade-vlc-plugin-sdlubuntu-pro-upgrade-vlc-plugin-svgubuntu-pro-upgrade-vlc-plugin-zvbi
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.