Widevine Trusted Application — known CVE vulnerabilities
Every CVE whose affected-product data names Widevine Trusted Application, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2022-48331 — CVSS 9.8 (critical): Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys feature_name_len integer overflow and resultant buffer overflow.
CVE-2022-48332 — CVSS 9.8 (critical): Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys file_name_len integer overflow and resultant buffer overflow.
CVE-2022-48333 — CVSS 9.8 (critical): Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys prefix_len+feature_name_len integer overflow and resultant…
CVE-2022-48334 — CVSS 9.8 (critical): Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys total_len+file_name_len integer overflow and resultant buffer…
CVE-2022-48335 — CVSS 9.8 (critical): Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagVerifyProvisioning integer overflow and resultant buffer overflow.
CVE-2022-48336 — CVSS 9.8 (critical): Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagParseAndStoreData integer overflow and resultant buffer overflow.