Home > Vulnerability Database > CVE-2022-4202

Mend.io Vulnerability Database

CVE-2022-4202

Date: November 29, 2022

A vulnerability, which was classified as problematic, was found in GPAC 2.1-DEV-rev490-g68064e101-master. Affected is the function lsr_translate_coords of the file laser/lsr_dec.c. The manipulation leads to integer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is b3d821c4ae9ba62b3a194d9dcb5e99f17bd56908. It is recommended to apply a patch to fix this issue. VDB-214518 is the identifier assigned to this vulnerability.

Language: C

Severity Score

8.8

Related Resources (8)

Url: https://nvd.nist.gov/vuln/detail/CVE-2022-4202

Url: https://security-tracker.debian.org/tracker/CVE-2022-4202

Url: https://github.com/gpac/gpac/commit/b3d821c4ae9ba62b3a194d9dcb5e99f17bd56908

Url: https://vuldb.com/?id.214518

Url: https://github.com/gpac/gpac/issues/2333

Url: https://www.debian.org/security/2023/dsa-5411

Url: https://drive.google.com/file/d/1HVWa6IpAbvsMS5rx091RfjUB4GfXrMLE/view

Url: https://www.mend.io/vulnerability-database/CVE-2022-4202

Severity Score

8.8

Weakness Type (CWE)

Integer Overflow or Wraparound

CWE-190

Numeric Errors

CWE-189

CVSS v3.1

Base Score:	8.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2022-4202

Date: November 29, 2022

Language: C

Severity Score

Related Resources (8)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?