{"vulnerability": "CVE-2022-48363", "sightings": [{"uuid": "b784603c-0202-4af5-afcb-14ae145ca355", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48363", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7245", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-48363\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishandles a Drain call in certain situations involving truncated files. Eventually there is an assertion failure in libmpdclient because libqtappfw passes in a NULL pointer.\n\ud83d\udccf Published: 2023-02-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-11T19:54:43.431Z\n\ud83d\udd17 References:\n1. https://gerrit.automotivelinux.org/gerrit/q/project:src%252Flibqtappfw+status:open\n2. https://gerrit.automotivelinux.org/gerrit/c/src/libqtappfw/+/28484\n3. https://gerrit.automotivelinux.org/gerrit/c/src/libqtappfw/+/28485\n4. https://jira.automotivelinux.org/browse/SPEC-4661", "creation_timestamp": "2025-03-11T20:41:42.000000Z"}, {"uuid": "8e701a5e-81f9-4fd1-ba21-eb4adce4c8ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48363", "type": "seen", "source": "https://t.me/arpsyndicate/513", "content": "#ExploitObserverAlert\n\nCVE-2022-48363\n\nDESCRIPTION: Exploit Observer has 5 entries related to CVE-2022-48363. In MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishandles a Drain call in certain situations involving truncated files. Eventually there is an assertion failure in libmpdclient because libqtappfw passes in a NULL pointer.\n\nFIRST-EPSS: 0.000520000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-11-23T21:58:35.000000Z"}, {"uuid": "aa3b15bc-80ee-4ec9-a67d-e92d17a4169e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48363", "type": "seen", "source": "https://t.me/arpsyndicate/1610", "content": "#ExploitObserverAlert\n\nCVE-2022-48363\n\nDESCRIPTION: Exploit Observer has 6 entries related to CVE-2022-48363. In MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishandles a Drain call in certain situations involving truncated files. Eventually there is an assertion failure in libmpdclient because libqtappfw passes in a NULL pointer.\n\nFIRST-EPSS: 0.000520000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-10T11:55:01.000000Z"}, {"uuid": "bcf66d26-8a82-4eaa-8ab5-570071f31762", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48363", "type": "seen", "source": "https://t.me/cibsecurity/58915", "content": "\u203c CVE-2022-48363 \u203c\n\nIn MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishandles a Drain call in certain situations involving truncated files. Eventually there is an assertion failure in libmpdclient because libqtappfw passes in a NULL pointer.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-11T15:58:20.000000Z"}]}