EPSS
Percentile
94.6%
vlc is vulnerable to arbitrary code execution. The vulnerability exists through a double free issue when parsing MKV files caused by zlib_decompress_extra in modules/demux/mkv/util.cpp.
zlib_decompress_extra
modules/demux/mkv/util.cpp
git.videolan.org/?p=vlc.git;a=commit;h=81023659c7de5ac2637b4a879195efef50846102
www.securityfocus.com/bid/108882