4 matches found
EUVD-2017-8683
Malware in sbrugna...
MGASA-2020-0414 Updated lilypond package fixes a security vulnerability
It was discovered that Lilypond, a program for typesetting sheet music, did not restrict the inclusion of Postscript and SVG commands when operating in safe mode, which could result in the execution of arbitrary code when rendering a typesheet file with embedded Postscript code. CVE-2020-17353...
Updated lilypond packages fix security vulnerability
lilypond does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks CVE-2017-17523...
MGASA-2018-0412 Updated lilypond packages fix security vulnerability
lilypond does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks CVE-2017-17523...