CVE-2022-22820 — MEDIUM (5.5)

Q: How severe is CVE-2022-22820?

CVE-2022-22820 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2022-22820?

Check the references section above for vendor advisories and patch information. Affected products include: Linecorp Line.

Vulnerability Description

Due to the lack of media file checks before rendering, it was possible for an attacker to cause abnormal CPU consumption for message recipient by sending specially crafted gif image in LINE for Windows before 7.4.

CVSS Score

5.5

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Linecorp	Line	< 7.4.0

Related Weaknesses (CWE)

CWE-20

References

https://hackerone.com/reports/1357400Permissions Required
https://hackerone.com/reports/1357400Permissions Required

FAQ

What is CVE-2022-22820?

CVE-2022-22820 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Due to the lack of media file checks before rendering, it was possible for an attacker to cause abnormal CPU consumption for message recipient by sending specially crafted gif image in LINE for Window...

How severe is CVE-2022-22820?

CVE-2022-22820 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-22820?

Check the references section above for vendor advisories and patch information. Affected products include: Linecorp Line.