Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities by PaulleDemon
CVE-2022-24902 (GCVE-0-2022-24902)
Vulnerability from nvd – Published: 2022-05-05 23:35 – Updated: 2025-04-23 18:30
VLAI
Title
Memory issue in playing videos
Summary
TkVideoplayer is a simple library to play video files in tkinter. Uncontrolled memory consumption in versions of TKVideoplayer prior to 2.0.0 can theoretically lead to performance degradation. There are no known workarounds. This issue has been patched and users are advised to upgrade to version 2.0.0 or later.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/PaulleDemon/tkVideoPlayer/secu… | x_refsource_CONFIRM |
| https://github.com/PaulleDemon/tkVideoPlayer/issues/3 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| PaulleDemon | tkVideoPlayer |
Affected:
< 2.0.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:29:00.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PaulleDemon/tkVideoPlayer/security/advisories/GHSA-jmhj-vh4q-hhmq"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PaulleDemon/tkVideoPlayer/issues/3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-24902",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:07:43.154459Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:30:13.330Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "tkVideoPlayer",
"vendor": "PaulleDemon",
"versions": [
{
"status": "affected",
"version": "\u003c 2.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TkVideoplayer is a simple library to play video files in tkinter. Uncontrolled memory consumption in versions of TKVideoplayer prior to 2.0.0 can theoretically lead to performance degradation. There are no known workarounds. This issue has been patched and users are advised to upgrade to version 2.0.0 or later."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.9,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-05T23:35:10.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PaulleDemon/tkVideoPlayer/security/advisories/GHSA-jmhj-vh4q-hhmq"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PaulleDemon/tkVideoPlayer/issues/3"
}
],
"source": {
"advisory": "GHSA-jmhj-vh4q-hhmq",
"discovery": "UNKNOWN"
},
"title": "Memory issue in playing videos",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-24902",
"STATE": "PUBLIC",
"TITLE": "Memory issue in playing videos"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "tkVideoPlayer",
"version": {
"version_data": [
{
"version_value": "\u003c 2.0.0"
}
]
}
}
]
},
"vendor_name": "PaulleDemon"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TkVideoplayer is a simple library to play video files in tkinter. Uncontrolled memory consumption in versions of TKVideoplayer prior to 2.0.0 can theoretically lead to performance degradation. There are no known workarounds. This issue has been patched and users are advised to upgrade to version 2.0.0 or later."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.9,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/PaulleDemon/tkVideoPlayer/security/advisories/GHSA-jmhj-vh4q-hhmq",
"refsource": "CONFIRM",
"url": "https://github.com/PaulleDemon/tkVideoPlayer/security/advisories/GHSA-jmhj-vh4q-hhmq"
},
{
"name": "https://github.com/PaulleDemon/tkVideoPlayer/issues/3",
"refsource": "MISC",
"url": "https://github.com/PaulleDemon/tkVideoPlayer/issues/3"
}
]
},
"source": {
"advisory": "GHSA-jmhj-vh4q-hhmq",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-24902",
"datePublished": "2022-05-05T23:35:10.000Z",
"dateReserved": "2022-02-10T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:30:13.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-24902 (GCVE-0-2022-24902)
Vulnerability from cvelistv5 – Published: 2022-05-05 23:35 – Updated: 2025-04-23 18:30
VLAI
Title
Memory issue in playing videos
Summary
TkVideoplayer is a simple library to play video files in tkinter. Uncontrolled memory consumption in versions of TKVideoplayer prior to 2.0.0 can theoretically lead to performance degradation. There are no known workarounds. This issue has been patched and users are advised to upgrade to version 2.0.0 or later.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/PaulleDemon/tkVideoPlayer/secu… | x_refsource_CONFIRM |
| https://github.com/PaulleDemon/tkVideoPlayer/issues/3 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| PaulleDemon | tkVideoPlayer |
Affected:
< 2.0.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:29:00.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PaulleDemon/tkVideoPlayer/security/advisories/GHSA-jmhj-vh4q-hhmq"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PaulleDemon/tkVideoPlayer/issues/3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-24902",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:07:43.154459Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:30:13.330Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "tkVideoPlayer",
"vendor": "PaulleDemon",
"versions": [
{
"status": "affected",
"version": "\u003c 2.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TkVideoplayer is a simple library to play video files in tkinter. Uncontrolled memory consumption in versions of TKVideoplayer prior to 2.0.0 can theoretically lead to performance degradation. There are no known workarounds. This issue has been patched and users are advised to upgrade to version 2.0.0 or later."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.9,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-05T23:35:10.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PaulleDemon/tkVideoPlayer/security/advisories/GHSA-jmhj-vh4q-hhmq"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PaulleDemon/tkVideoPlayer/issues/3"
}
],
"source": {
"advisory": "GHSA-jmhj-vh4q-hhmq",
"discovery": "UNKNOWN"
},
"title": "Memory issue in playing videos",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-24902",
"STATE": "PUBLIC",
"TITLE": "Memory issue in playing videos"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "tkVideoPlayer",
"version": {
"version_data": [
{
"version_value": "\u003c 2.0.0"
}
]
}
}
]
},
"vendor_name": "PaulleDemon"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TkVideoplayer is a simple library to play video files in tkinter. Uncontrolled memory consumption in versions of TKVideoplayer prior to 2.0.0 can theoretically lead to performance degradation. There are no known workarounds. This issue has been patched and users are advised to upgrade to version 2.0.0 or later."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.9,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/PaulleDemon/tkVideoPlayer/security/advisories/GHSA-jmhj-vh4q-hhmq",
"refsource": "CONFIRM",
"url": "https://github.com/PaulleDemon/tkVideoPlayer/security/advisories/GHSA-jmhj-vh4q-hhmq"
},
{
"name": "https://github.com/PaulleDemon/tkVideoPlayer/issues/3",
"refsource": "MISC",
"url": "https://github.com/PaulleDemon/tkVideoPlayer/issues/3"
}
]
},
"source": {
"advisory": "GHSA-jmhj-vh4q-hhmq",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-24902",
"datePublished": "2022-05-05T23:35:10.000Z",
"dateReserved": "2022-02-10T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:30:13.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}