8.8

CVE-2022-4202

Exploit

EPSS 0.1%
Published 29.11.2022 09:15:09
Last modified 21.11.2024 07:34:46
Source cna@vuldb.com
Teams watchlist Login
Open Login

A vulnerability, which was classified as problematic, was found in GPAC 2.1-DEV-rev490-g68064e101-master. Affected is the function lsr_translate_coords of the file laser/lsr_dec.c. The manipulation leads to integer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is b3d821c4ae9ba62b3a194d9dcb5e99f17bd56908. It is recommended to apply a patch to fix this issue. VDB-214518 is the identifier assigned to this vulnerability.

Affected products Warnungen 0 Metrics 3 CWE 0 References 8

Data is provided by the National Vulnerability Database (NVD)

Gpac ≫ Gpac Version2.1-dev-rev490-g68064e101-master

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.1%	0.276

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cna@vuldb.com	6.3	2.8	3.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

https://www.debian.org/security/2023/dsa-5411

https://drive.google.com/file/d/1HVWa6IpAbvsMS5rx091RfjUB4GfXrMLE/view

Third Party Advisory

Exploit

https://github.com/gpac/gpac/commit/b3d821c4ae9ba62b3a194d9dcb5e99f17bd56908

Patch

Third Party Advisory

https://github.com/gpac/gpac/issues/2333

Patch

Third Party Advisory

Exploit

https://vuldb.com/?id.214518

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-4202

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-4202

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-4202

EUVD