{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T20:34:43.163","vulnerabilities":[{"cve":{"id":"CVE-2022-2949","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2022-12-13T21:15:11.427","lastModified":"2024-11-21T07:01:58.460","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"\n\n\nAltair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading to memory corruption.\n\n\n\n\n\n"},{"lang":"es","value":"Las versiones 2021.1.0.27 y anteriores de Altair HyperView Player son afectados por el uso de vulnerabilidad de memoria no inicializada durante el análisis de archivos H3D. Un DWORD se extrae de un búfer no inicializado y, después de la extensión del signo, se utiliza como índice en una variable de pila para incrementar un contador que provoca daños en la memoria."}],"metrics":{"cvssMetricV31":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-908"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:altair:hyperview_player:*:*:*:*:*:*:*:*","versionEndIncluding":"2021.1.0.27","matchCriteriaId":"8AB19D33-042C-437F-9872-73769D79311C"}]}]}],"references":[{"url":"https://www.cisa.gov/uscert/ics/advisories/icsa-22-284-01","source":"ics-cert@hq.dhs.gov","tags":["Patch","Third Party Advisory","US Government Resource"]},{"url":"https://www.cisa.gov/uscert/ics/advisories/icsa-22-284-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory","US Government Resource"]}]}}]}