← back
CVE-2022-2122

CVE-2022-2122

EPSS 0.4%CWE-122
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
19 Jul 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite.
Affected products
n/a · GStreamer