Aggregates CVE and security vulnerability intelligence across all widevine-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk buffer overflow and vendor risk integer handling and related problems; some flaws may lead to vendor impact application crash and vendor impact memory corruption.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-48336 | Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagParseAndStoreData integer overflow and resultant buffer overflow. | [email protected] | 9.8 | 1.09% | 2023-06-26 | 2024-11-21 |
| CVE-2022-48335 | Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagVerifyProvisioning integer overflow and resultant buffer overflow. | [email protected] | 9.8 | 1.09% | 2023-06-26 | 2024-11-21 |
| CVE-2022-48334 | Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys total_len+file_name_len integer overflow and resultant buffer overflow. | [email protected] | 9.8 | 0.93% | 2023-06-26 | 2024-11-21 |
| CVE-2022-48333 | Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys prefix_len+feature_name_len integer overflow and resultant buffer overflow. | [email protected] | 9.8 | 0.93% | 2023-06-26 | 2024-11-21 |
| CVE-2022-48332 | Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys file_name_len integer overflow and resultant buffer overflow. | [email protected] | 9.8 | 0.93% | 2023-06-26 | 2024-11-21 |
| CVE-2022-48331 | Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys feature_name_len integer overflow and resultant buffer overflow. | [email protected] | 9.8 | 0.93% | 2023-06-26 | 2024-11-21 |