8.8

CVE-2022-4202

Exploit

EPSS 0.1%
Veröffentlicht 29.11.2022 09:15:09
Zuletzt bearbeitet 21.11.2024 07:34:46
Quelle cna@vuldb.com
Teams Watchlist Login
Unerledigt Login

A vulnerability, which was classified as problematic, was found in GPAC 2.1-DEV-rev490-g68064e101-master. Affected is the function lsr_translate_coords of the file laser/lsr_dec.c. The manipulation leads to integer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is b3d821c4ae9ba62b3a194d9dcb5e99f17bd56908. It is recommended to apply a patch to fix this issue. VDB-214518 is the identifier assigned to this vulnerability.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Gpac ≫ Gpac Version2.1-dev-rev490-g68064e101-master

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.1%	0.276

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cna@vuldb.com	6.3	2.8	3.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

https://www.debian.org/security/2023/dsa-5411

https://drive.google.com/file/d/1HVWa6IpAbvsMS5rx091RfjUB4GfXrMLE/view

Third Party Advisory

Exploit

https://github.com/gpac/gpac/commit/b3d821c4ae9ba62b3a194d9dcb5e99f17bd56908

Patch

Third Party Advisory

https://github.com/gpac/gpac/issues/2333

Patch

Third Party Advisory

Exploit

https://vuldb.com/?id.214518

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-4202

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-4202

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-4202

EUVD