ChoeMinji / godot

MIT License
0 stars 0 forks source link

CVE-2022-47021 (High) detected in godot3.4.2-stable #41

Open mend-bolt-for-github[bot] opened 1 year ago

mend-bolt-for-github[bot] commented 1 year ago

CVE-2022-47021 - High Severity Vulnerability

Vulnerable Library - godot3.4.2-stable

Godot Engine ? Multi-platform 2D and 3D game engine

Library home page: https://github.com/godotengine/godot.git

Found in HEAD commit: 620ad7ae3fef04e165cbc3f2776d3e3bf6cfdc4d

Found in base branch: master

Vulnerable Source Files (2)

/thirdparty/opus/opusfile.c /thirdparty/opus/opusfile.c

Vulnerability Details

A null pointer dereference issue was discovered in functions op_get_data and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows attackers to cause denial of service or other unspecified impacts.

Publish Date: 2023-01-20

URL: CVE-2022-47021

CVSS 3 Score Details (7.8)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High

For more information on CVSS3 Scores, click here.


Step up your Open Source Security Game with Mend here