CVE-2019-13962: lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC medi ...

Severity: Critical

CVSS Score: 9.8

lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height.