RHEL 8 : file-type (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - file-type: a malformed MKV file could cause the file type detector to get caught in an infinite loop CVE-2022-36313...

GHSA-MHXJ-85R3-2X55 file-type vulnerable to Infinite Loop via malformed MKV file

An issue was discovered in the file-type package from 13.0.0 until 16.5.4 and 17.x before 17.1.3 for Node.js. A malformed MKV file could cause the file type detector to get caught in an infinite loop. This would make the application become unresponsive and could be used to cause a DoS attack when...

UBUNTU-CVE-2019-12874

An issue was discovered in zlibdecompressextra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x through 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free...

MGASA-2013-0241 Updated vlc package fixes security vulnerability.

2.0.8 Demux: sgimb: use after free fixes 8724 https://trac.videolan.org/vlc/ticket/8724 Improve resistance and checking against malformed MKV files Check element size before reading it. This should avoid integer overflows inside the libebml causing heap buffer overflow. Since new called by the li...