Lucene search
K

5 matches found

Debian
Debian
added 2022/09/21 1:57 p.m.66 views

[SECURITY] [DSA 5232-1] tinygltf security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5232-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 21, 2022 https://www.debian.org/security/faq -...

8.8CVSS8.4AI score0.0279EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/09/21 12:0 a.m.29 views

Debian DSA-5232-1 : tinygltf - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5232 advisory. It was discovered that the wordexp function of tinygltf, a library to load/save glTF GL Transmission Format files was susceptible to command execution when processing...

8.8CVSS7.9AI score0.0279EPSS
Exploits1References6
Cvelist
Cvelist
added 2022/09/05 9:10 a.m.27 views

CVE-2022-3008 Command Injection on tinygltf

The tinygltf library uses the C library function wordexp to perform file path expansion on untrusted paths that are provided from the input file. This function allows for command injection by using backticks. An attacker could craft an untrusted path input that would result in a path expansion. W...

8.1CVSS9.1AI score0.0279EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2022/09/05 9:10 a.m.2 views

CVE-2022-3008 Command Injection on tinygltf

The tinygltf library uses the C library function wordexp to perform file path expansion on untrusted paths that are provided from the input file. This function allows for command injection by using backticks. An attacker could craft an untrusted path input that would result in a path expansion. W...

8.1CVSS8.8AI score0.0279EPSS
Exploits1References5
CVE
CVE
added 2022/09/05 9:10 a.m.91 views

CVE-2022-3008

CVE-2022-3008 affects the tinygltf library. The vulnerability arises from using the C function wordexp() to perform file path expansion on untrusted input, enabling potential command execution (path expansion via backticks). The issue is documented across multiple sources: Debian security advisor...

8.8CVSS8.5AI score0.0279EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder