CVE-2022-24902

Опубликовано: 06 мая 2022

Источник: nvd

CVSS3: 2.9

CVSS3: 4.3

CVSS2: 4.3

EPSS Низкий

Описание

TkVideoplayer is a simple library to play video files in tkinter. Uncontrolled memory consumption in versions of TKVideoplayer prior to 2.0.0 can theoretically lead to performance degradation. There are no known workarounds. This issue has been patched and users are advised to upgrade to version 2.0.0 or later.

Ссылки

https://github.com/PaulleDemon/tkVideoPlayer/issues/3
Issue Tracking
Third Party Advisory
https://github.com/PaulleDemon/tkVideoPlayer/security/advisories/GHSA-jmhj-vh4q-hhmq
Third Party Advisory
https://github.com/PaulleDemon/tkVideoPlayer/issues/3
Issue Tracking
Third Party Advisory
https://github.com/PaulleDemon/tkVideoPlayer/security/advisories/GHSA-jmhj-vh4q-hhmq
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:python:tkvideoplayer:*:*:*:*:*:*:*:*

Версия до 2.0.0 (исключая)

EPSS

Процентиль: 36%

0.00149

Низкий

2.9 Low

CVSS3

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-400

Связанные уязвимости

GHSA-jmhj-vh4q-hhmq

CVSS3: 4.3

github

почти 4 года назад

tkvideo has a memory issue in playing videos

EPSS

Процентиль: 36%

0.00149

Низкий

2.9 Low

CVSS3

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-400