Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2023-35961

Опубликовано: 08 янв. 2024
Источник: debian
EPSS Низкий

Описание

Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in `vcd_recorder_main`.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
gtkwavefixed3.3.118-0.1package

Примечания

  • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1786

EPSS

Процентиль: 27%
0.00094
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2023-35961

CVSS3: 7.8
ubuntu
около 2 лет назад

Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in `vcd_recorder_main`.

nvd логотип

CVE-2023-35961

CVSS3: 7.8
nvd
около 2 лет назад

Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in `vcd_recorder_main`.

github логотип

GHSA-xq8j-75w7-8q64

CVSS3: 7.8
github
около 2 лет назад

Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in `vcd_recorder_main`.

EPSS

Процентиль: 27%
0.00094
Низкий