Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-6655HistoryJul 16, 2024 - 3:15 p.m.
CVE-2024-6655
2024-07-1615:15:12
Debian Security Bug Tracker
security-tracker.debian.org
3
flaw
gtk library
injection
application
unix
CVSS3
7
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
6.7
Confidence
High
EPSS
0
Percentile
16.0%
A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be injected into a GTK application from the current working directory.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | gtk+2.0 | < 2.24.33-2+deb12u1 | gtk+2.0_2.24.33-2+deb12u1_all.deb |
| Debian | 11 | all | gtk+2.0 | < 2.24.33-2+deb11u1 | gtk+2.0_2.24.33-2+deb11u1_all.deb |
| Debian | 999 | all | gtk+2.0 | < 2.24.33-5 | gtk+2.0_2.24.33-5_all.deb |
| Debian | 13 | all | gtk+2.0 | < 2.24.33-5 | gtk+2.0_2.24.33-5_all.deb |
| Debian | 12 | all | gtk+3.0 | < 3.24.38-2~deb12u2 | gtk+3.0_3.24.38-2~deb12u2_all.deb |
| Debian | 11 | all | gtk+3.0 | < 3.24.24-4+deb11u4 | gtk+3.0_3.24.24-4+deb11u4_all.deb |
| Debian | 999 | all | gtk+3.0 | < 3.24.43-1 | gtk+3.0_3.24.43-1_all.deb |
| Debian | 13 | all | gtk+3.0 | < 3.24.43-1 | gtk+3.0_3.24.43-1_all.deb |
Related
cbl_mariner
cbl_mariner
CVE-2024-6655 affecting package gtk3 for versions less than 3.24.28-10
2024-08-05 03:22:58
CVE-2024-6655 affecting package gtk3 for versions less than 3.24.28-10
2024-08-14 20:43:58
CVE-2024-6655 affecting package gtk2 for versions less than 2.24.32-12
2024-08-05 03:22:58
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:2898-1)
2024-08-14 00:00:00
Huawei EulerOS: Security Advisory for gtk2 (EulerOS-SA-2024-2415)
2024-09-12 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:2897-1)
2024-08-14 00:00:00
nessus
nessus
EulerOS 2.0 SP10 : gtk3 (EulerOS-SA-2024-2416)
2024-09-12 00:00:00
vulnrichment
vulnrichment
CVE-2024-6655 Gtk3: gtk2: library injection from cwd
2024-07-16 15:05:55
osv
osv
gtk+2.0, gtk+3.0 vulnerability
2024-07-16 13:03:44
CVE-2024-6655
2024-07-16 15:15:12
nvd
nvd
CVE-2024-6655
2024-07-16 15:15:12
CVE-2024-39152
2024-07-18 19:15:12
amazon
amazon
Important: gtk3
2024-08-01 03:00:00
Important: gtk2
2024-08-01 03:00:00
redhatcve
redhatcve
CVE-2024-6655
2024-07-10 14:35:35
redos
redos
ROS-20240905-03
2024-09-05 00:00:00
cve
cve
CVE-2024-6655
2024-07-16 15:15:12
CVE-2024-39152
2024-07-18 19:15:12
ubuntucve
ubuntucve
CVE-2024-6655
2024-07-11 00:00:00
ubuntu
ubuntu
GTK vulnerability
2024-07-16 00:00:00
cvelist
cvelist
CVE-2024-6655 Gtk3: gtk2: library injection from cwd
2024-07-16 15:05:55
CVSS3
7
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
6.7
Confidence
High
EPSS
0
Percentile
16.0%
Related for DEBIANCVE:CVE-2024-6655