exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2020-17354

почти 3 года назад

LilyPond before 2.24 allows attackers to bypass the -dsafe protection mechanism via output-def-lookup or output-def-scope, as demonstrated by dangerous Scheme code in a .ly file that causes arbitrary code execution during conversion to a different file format. NOTE: in 2.24 and later versions, safe mode is removed, and the product no longer tries to block code execution when external files are used.

CVSS3: 8.6

EPSS: Низкий

CVE-2020-17354

почти 3 года назад

LilyPond before 2.24 allows attackers to bypass the -dsafe protection mechanism via output-def-lookup or output-def-scope, as demonstrated by dangerous Scheme code in a .ly file that causes arbitrary code execution during conversion to a different file format. NOTE: in 2.24 and later versions, safe mode is removed, and the product no longer tries to block code execution when external files are used.

CVSS3: 8.6

EPSS: Низкий

CVE-2020-17354

почти 3 года назад

LilyPond before 2.24 allows attackers to bypass the -dsafe protection ...

CVSS3: 8.6

EPSS: Низкий

GHSA-vm3h-24gm-v3q6

почти 3 года назад

LilyPond before 2.24 allows attackers to bypass the -dsafe protection mechanism via output-def-lookup or output-def-scope, as demonstrated by dangerous Scheme code in a .ly file that causes arbitrary code execution during conversion to a different file format. NOTE: in 2.24 and later versions, safe mode is removed, and the product no longer tries to block code execution when external files are used.

CVSS3: 8.6

EPSS: Низкий

openSUSE-SU-2023:0137-1

больше 2 лет назад

Security update for guile1, lilypond

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2020-17354 LilyPond before 2.24 allows attackers to bypass the -dsafe protection mechanism via output-def-lookup or output-def-scope, as demonstrated by dangerous Scheme code in a .ly file that causes arbitrary code execution during conversion to a different file format. NOTE: in 2.24 and later versions, safe mode is removed, and the product no longer tries to block code execution when external files are used.	CVSS3: 8.6	0% Низкий	почти 3 года назад
CVE-2020-17354 LilyPond before 2.24 allows attackers to bypass the -dsafe protection mechanism via output-def-lookup or output-def-scope, as demonstrated by dangerous Scheme code in a .ly file that causes arbitrary code execution during conversion to a different file format. NOTE: in 2.24 and later versions, safe mode is removed, and the product no longer tries to block code execution when external files are used.	CVSS3: 8.6	0% Низкий	почти 3 года назад
CVE-2020-17354 LilyPond before 2.24 allows attackers to bypass the -dsafe protection ...	CVSS3: 8.6	0% Низкий	почти 3 года назад
GHSA-vm3h-24gm-v3q6 LilyPond before 2.24 allows attackers to bypass the -dsafe protection mechanism via output-def-lookup or output-def-scope, as demonstrated by dangerous Scheme code in a .ly file that causes arbitrary code execution during conversion to a different file format. NOTE: in 2.24 and later versions, safe mode is removed, and the product no longer tries to block code execution when external files are used.	CVSS3: 8.6	0% Низкий	почти 3 года назад
openSUSE-SU-2023:0137-1 Security update for guile1, lilypond			больше 2 лет назад

Уязвимостей на страницу