SecTeer VulnDetect Support Forum

    VulnDetect

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Download VulnDetect Installer

    [Solved] VLC 3.0.11 not detected as unsecure without available patch

    Solved Detection Issues
    3
    5
    164
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      GregAlexandre last edited by OLLI_S

      Hi,
      At this time (2021-01-16) VLC 3.0.11 is known to be unsecure without available patch: https://nvd.nist.gov/vuln/detail/CVE-2020-26664 .
      Vulndetect does not display it as unsecure and does not states that there is no available patch.

      Hope this helps.

      Regards.

      1 Reply Last reply Reply Quote 0
      • OLLI_S
        OLLI_S Community Moderator last edited by

        OK, then I mark this issue as solved.

        1 Reply Last reply Reply Quote 0
        • G
          GregAlexandre @VulnDetect last edited by

          @VulnDetect & @Tom & @OLLI_S : Fixed
          Can be moved to "solved issue".
          Thanks.

          1 Reply Last reply Reply Quote 0
          • V
            VulnDetect last edited by

            Earlier today the installer for 3.0.12 was released, and short time ago the security page was updated. However, the actual VideoLAN advisory, is still 404.

            Anyway, the rule is updated and a package is available, and the first users and customers has applied the updated version.

            Again, thank you for reporting this.

            /Tom

            G 1 Reply Last reply Reply Quote 0
            • V
              VulnDetect last edited by

              @GregAlexandre Thank you.

              It appears that they do have a fix in the pipeline:
              https://code.videolan.org/videolan/vlc-3.0/-/commit/ec1f55ee9ace5cc675395a1bc9700d99679e7e8c

              For some reason they haven't released 3.0.12 yet.

              We have flagged 3.0.11 as Insecure and will closely monitor the release of 3.0.12.

              /Tom

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Download SecTeer Personal VulnDetect - an alternative to the long lost Secunia PSI

              Please see our Privacy and Data Processing Policy
              Sponsored and operated by SecTeer | VulnDetect is a replacement for the EoL Secunia PSI
              Forum software by NodeBB