CVE-2019-12874 log

Severity Critical
Remote Yes
Type Arbitrary code execution
VideoLAN VLC media player 3.0.6 and earlier has a double-free in the zlib_decompress_extra function of the Matroska demuxer in modules/demux/mkv/util.cpp.
Group Package Affected Fixed Severity Status Ticket
AVG-998 vlc 3.0.6-13 Critical Fixed
Date Advisory Group Package Severity Type
25 Jun 2019 ASA-201906-22 AVG-998 vlc Critical arbitrary code execution