CVE-2022-24902

LOW

Python Tkvideoplayer < 2.0.0 - Denial of Service

Title source: rule

Description

TkVideoplayer is a simple library to play video files in tkinter. Uncontrolled memory consumption in versions of TKVideoplayer prior to 2.0.0 can theoretically lead to performance degradation. There are no known workarounds. This issue has been patched and users are advised to upgrade to version 2.0.0 or later.

References (2)

[Issue Tracking, Third Party Advisory] https://github.com/PaulleDemon/tkVideoPlayer/issues/3

[Third Party Advisory] https://github.com/PaulleDemon/tkVideoPlayer/security/advisories/GHSA-jmhj-vh4q-hhmq

Scores

CVSS v3 2.9

EPSS 0.0015

EPSS Percentile 35.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Classification

CWE

CWE-400

Status published

Affected Products (2)

python/tkvideoplayer < 2.0.0

pypi/tkvideoplayer < 2.0.0PyPI

Timeline

Published May 06, 2022

Tracked Since Feb 18, 2026