Vulnerability in Codenameone
CVE-2022-4903
A vulnerability was found in CodenameOne 7.0.70. It has been classified as problematic. Affected is an unknown function. The manipulation leads to use of implicit intent for sensitive communication. It is possible to launch the attack remo…
EPSS: 0.004 (62.4th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 5.0 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L.
Affected products
- N/a Codenameone — versions 7.0.70
Weakness classification (CWE)
References
- vuldb.com/ (vdb-entry, technical-description)
- vuldb.com/ (signature, permissions-required)
- github.com/codenameone/CodenameOne/issues/3583 (issue-tracking)
- github.com/codenameone/CodenameOne/commit/dad49c9ef26a598619fc48d2697151a02987d… (patch)
- github.com/codenameone/CodenameOne/releases/tag/7.0.71 (patch)
Frequently asked questions
- What is CVE-2022-4903?
- CVE-2022-4903 is a medium-severity vulnerability in Codenameone, classified under CWE-927. CVSS score: 5.0/10. Published 2023-02-10.
- How severe is CVE-2022-4903?
- Medium severity. CVSS v3 base score is 5.0 out of 10.