[ASA-202103-2] wireshark-qt: arbitrary code execution

Arch Linux Security Advisory ASA-202103-2 ========================================= Severity: Medium Date : 2021-03-13 CVE-ID : CVE-2021-22191 Package : wireshark-qt Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1669 Summary ======= The package wireshark-q...

Arbitrary Code Execution

wireshark is vulnerable to arbitrary code execution. The vulnerability exists through some fields in the Wireshark prototree that are double-clickable and passes URLs with arbitrary schemes to the QDesktopServices::openUrl function...