Vulnerability Description
TkVideoplayer is a simple library to play video files in tkinter. Uncontrolled memory consumption in versions of TKVideoplayer prior to 2.0.0 can theoretically lead to performance degradation. There are no known workarounds. This issue has been patched and users are advised to upgrade to version 2.0.0 or later.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Python | Tkvideoplayer | < 2.0.0 |
Related Weaknesses (CWE)
References
- https://github.com/PaulleDemon/tkVideoPlayer/issues/3Issue TrackingThird Party Advisory
- https://github.com/PaulleDemon/tkVideoPlayer/security/advisories/GHSA-jmhj-vh4q-Third Party Advisory
- https://github.com/PaulleDemon/tkVideoPlayer/issues/3Issue TrackingThird Party Advisory
- https://github.com/PaulleDemon/tkVideoPlayer/security/advisories/GHSA-jmhj-vh4q-Third Party Advisory
FAQ
What is CVE-2022-24902?
CVE-2022-24902 is a vulnerability with a CVSS score of 2.9 (LOW). TkVideoplayer is a simple library to play video files in tkinter. Uncontrolled memory consumption in versions of TKVideoplayer prior to 2.0.0 can theoretically lead to performance degradation. There a...
How severe is CVE-2022-24902?
CVE-2022-24902 has been rated LOW with a CVSS base score of 2.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-24902?
Check the references section above for vendor advisories and patch information. Affected products include: Python Tkvideoplayer.