GMS-2022-146: Use after free in Animation

February 22, 2022 (updated February 26, 2022)

Use after free in Animation. The exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. It demands that the victim is doing some kind of user interaction. Technical details are unknown but an exploit is available.

There is currently little other public information on the issue other than it has been flagged as High severity.

References

github.com/advisories/GHSA-vv6j-ww6x-54gx
github.com/cefsharp/CefSharp/security/advisories/GHSA-vv6j-ww6x-54gx

Detect and mitigate GMS-2022-146 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →