Описание
KildClient 3.1.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to prefs.c and worldgui.c.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 3.2.0-2 |
| cosmic | not-affected | 3.2.0-2 |
| devel | not-affected | 3.2.0-2 |
| disco | not-affected | 3.2.0-2 |
| eoan | not-affected | 3.2.0-2 |
| esm-apps/bionic | not-affected | 3.2.0-2 |
| esm-apps/focal | not-affected | 3.2.0-2 |
| esm-apps/jammy | not-affected | 3.2.0-2 |
| esm-apps/noble | not-affected | 3.2.0-2 |
Показывать по
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
KildClient 3.1.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to prefs.c and worldgui.c.
KildClient 3.1.0 does not validate strings before launching the progra ...
KildClient 3.1.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to prefs.c and worldgui.c.
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3