Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-9gq7-p5w9-w899

Опубликовано: 22 июл. 2024
Источник: github
Github: Прошло ревью
CVSS4: 8.6
CVSS3: 9.6

Описание

Ankitects Anki arbitrary script execution vulnerability

An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability.

Ссылки

Пакеты

Наименование

anki

pip
Затронутые версииВерсия исправления

< 24.06

24.06

EPSS

Процентиль: 86%
0.03111
Низкий

8.6 High

CVSS4

9.6 Critical

CVSS3

CVE ID

CVE-2024-26020

Дефекты

CWE-74

Связанные уязвимости

ubuntu логотип

CVE-2024-26020

CVSS3: 9.6
ubuntu
больше 1 года назад

An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability.

nvd логотип

CVE-2024-26020

CVSS3: 9.6
nvd
больше 1 года назад

An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability.

debian логотип

CVE-2024-26020

CVSS3: 9.6
debian
больше 1 года назад

An arbitrary script execution vulnerability exists in the MPV function ...

EPSS

Процентиль: 86%
0.03111
Низкий

8.6 High

CVSS4

9.6 Critical

CVSS3

CVE ID

CVE-2024-26020

Дефекты

CWE-74