Chiencc / asuswrt-gt-ac5300

asuswrt-gt-ac5300
Other
0 stars 0 forks source link

smplayerqt-src-5.6.1-1: 1 vulnerabilities (highest severity is: 8.8) - autoclosed #30

Closed mend-for-github-com[bot] closed 1 year ago

mend-for-github-com[bot] commented 1 year ago
Vulnerable Library - smplayerqt-src-5.6.1-1

Free media player with support for Youtube

Library home page: https://sourceforge.net/projects/smplayer/

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Vulnerable Source Files (3)

/release/src/router/asusnatnl/pjproject-1.12/third_party/usrsctp/usrsctplib/user_environment.c /release/src/router/asusnatnl/pjproject-1.12/third_party/usrsctp/usrsctplib/user_environment.c /release/src/router/asusnatnl/pjproject-1.12/third_party/usrsctp/usrsctplib/user_environment.c

Vulnerabilities

CVE Severity CVSS Dependency Type Fixed in (smplayerqt-src version) Remediation Available
CVE-2022-46871 High 8.8 smplayerqt-src-5.6.1-1 Direct N/A

Details

CVE-2022-46871 ### Vulnerable Library - smplayerqt-src-5.6.1-1

Free media player with support for Youtube

Library home page: https://sourceforge.net/projects/smplayer/

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

/release/src/router/asusnatnl/pjproject-1.12/third_party/usrsctp/usrsctplib/user_environment.c /release/src/router/asusnatnl/pjproject-1.12/third_party/usrsctp/usrsctplib/user_environment.c /release/src/router/asusnatnl/pjproject-1.12/third_party/usrsctp/usrsctplib/user_environment.c

### Vulnerability Details

An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108.

Publish Date: 2022-12-22

URL: CVE-2022-46871

### CVSS 3 Score Details (8.8)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High

For more information on CVSS3 Scores, click here.

mend-for-github-com[bot] commented 1 year ago

:information_source: This issue was automatically closed by Mend because it is a duplicate of an existing issue: #32

mend-for-github-com[bot] commented 1 year ago

:information_source: This issue was automatically closed by Mend because it is a duplicate of an existing issue: #32