GMS-2022-140: Use after free in Animation

February 22, 2022 (updated February 26, 2022)

The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. It demands that the victim is doing some kind of user interaction. Technical details are unknown but an exploit is available.

There is currently little other public information on the issue other than it has been flagged as High severity.

References

github.com/advisories/GHSA-vv6j-ww6x-54gx
github.com/cefsharp/CefSharp/security/advisories/GHSA-vv6j-ww6x-54gx

Code Behaviors & Features

Detect and mitigate GMS-2022-140 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →