Vulnerabilities > CVE-2022-4202 - Numeric Errors vulnerability in Gpac 2.1Devrev490G68064E101Master

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

gpac

CWE-189

NVD

Published: 2022-11-29

Updated: 2023-11-07

Summary

A vulnerability, which was classified as problematic, was found in GPAC 2.1-DEV-rev490-g68064e101-master. Affected is the function lsr_translate_coords of the file laser/lsr_dec.c. The manipulation leads to integer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is b3d821c4ae9ba62b3a194d9dcb5e99f17bd56908. It is recommended to apply a patch to fix this issue. VDB-214518 is the identifier assigned to this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Gpac Gpac Gpac 2.1-Dev-Rev490-G68064E101-Master	1

Common Weakness Enumeration (CWE)

CWE-189 - Numeric Errors

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References