Описание
open_actions.py in kitty before 0.41.0 does not ask for user confirmation before running a local executable file that may have been linked from an untrusted document (e.g., a document opened in KDE ghostwriter).
| Релиз | Статус | Примечание |
|---|---|---|
| devel | needs-triage | |
| esm-apps/focal | not-affected | code not present |
| esm-apps/jammy | not-affected | code not present |
| esm-apps/noble | ignored | changes too intrusive |
| focal | ignored | end of standard support, was needs-triage |
| jammy | not-affected | code not present |
| noble | ignored | changes too intrusive |
| oracular | ignored | changes too intrusive |
| plucky | ignored | changes too intrusive |
| upstream | released | 0.41.0 |
Показывать по
EPSS
4.1 Medium
CVSS3
Связанные уязвимости
open_actions.py in kitty before 0.41.0 does not ask for user confirmation before running a local executable file that may have been linked from an untrusted document (e.g., a document opened in KDE ghostwriter).
open_actions.py in kitty before 0.41.0 does not ask for user confirmat ...
open_actions.py in kitty before 0.41.0 does not ask for user confirmation before running a local executable file that may have been linked from an untrusted document (e.g., a document opened in KDE ghostwriter).
EPSS
4.1 Medium
CVSS3