Lucene search
GoogleOSV:CVE-2024-26020HistoryJul 22, 2024 - 3:15 p.m.
CVE-2024-26020
2024-07-2215:15:02
Google
osv.dev
1
arbitrary script execution
mpv functionality
ankitects anki 24.04
flashcard
arbitrary code execution
software vulnerability
CVSS3
9.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
AI Score
7.3
Confidence
Low
An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability.
Related
debiancve
debiancve
CVE-2024-26020
2024-07-22 15:15:02
vulnrichment
vulnrichment
CVE-2024-26020
2024-07-22 14:20:26
talos
talos
Ankitects Anki MPV script injection vulnerability
2024-07-22 00:00:00
cve
cve
CVE-2024-26020
2024-07-22 15:15:02
cvelist
cvelist
CVE-2024-26020
2024-07-22 14:20:26
osv
osv
Ankitects Anki arbitrary script execution vulnerability
2024-07-22 15:32:41
veracode
veracode
Arbitrary Script Execution
2024-07-27 06:23:25
nvd
nvd
CVE-2024-26020
2024-07-22 15:15:02
github
github
Ankitects Anki arbitrary script execution vulnerability
2024-07-22 15:32:41
talosblog
talosblog
CVSS3
9.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
AI Score
7.3
Confidence
Low
Related for OSV:CVE-2024-26020