CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-22938

VMware Workstation (16.x prior to 16.2.2) and Horizon Client for Windows (5.x prior to 5.5.3) contains a denial-of-service vulnerability in the Cortado ThinPrint component. The issue exists in TrueType font parser. A malicious actor with access to a virtual machine or remote desktop may exploit this issue to trigger a denial-of-service condition in the Thinprint service running on the host machine where VMware Workstation or Horizon Client for Windows is installed.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.9%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 2.1

References

Products affected by CVE-2022-22938

Vmware » Horizon » Version: 5.0.0

cpe:2.3:a:vmware:horizon:5.0.0
Vmware » Horizon » Version: 5.1.0

cpe:2.3:a:vmware:horizon:5.1.0
Vmware » Horizon » Version: 5.2.0

cpe:2.3:a:vmware:horizon:5.2.0
Vmware » Workstation » Version: 16.0.0

cpe:2.3:a:vmware:workstation:16.0.0
Vmware » Workstation » Version: 16.1.0

cpe:2.3:a:vmware:workstation:16.1.0
Vmware » Workstation » Version: 16.1.1

cpe:2.3:a:vmware:workstation:16.1.1
Vmware » Workstation » Version: 16.1.2

cpe:2.3:a:vmware:workstation:16.1.2
Vmware » Workstation » Version: 16.2.0

cpe:2.3:a:vmware:workstation:16.2.0
Vmware » Workstation » Version: 16.2.1

cpe:2.3:a:vmware:workstation:16.2.1
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-22938

Products

Pricing

Contact Us