Lucene search
Ubuntu.comUB:CVE-2024-6655HistoryJul 11, 2024 - 12:00 a.m.
CVE-2024-6655
2024-07-1100:00:00
ubuntu.com
ubuntu.com
6
library injection
cwd
cve-2024-6655
bugs
unix
gtk
CVSS3
7
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
6.7
Confidence
High
EPSS
0
Percentile
16.0%
A flaw was found in the GTK library. Under certain conditions, it is
possible for a library to be injected into a GTK application from the
current working directory.
Bugs
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 18.04 | noarch | gtk+2.0 | < any | UNKNOWN |
| ubuntu | 20.04 | noarch | gtk+2.0 | < 2.24.32-4ubuntu4.1 | UNKNOWN |
| ubuntu | 22.04 | noarch | gtk+2.0 | < 2.24.33-2ubuntu2.1 | UNKNOWN |
| ubuntu | 24.04 | noarch | gtk+2.0 | < 2.24.33-4ubuntu1.1 | UNKNOWN |
| ubuntu | 16.04 | noarch | gtk+2.0 | < any | UNKNOWN |
| ubuntu | 18.04 | noarch | gtk+3.0 | < any | UNKNOWN |
| ubuntu | 20.04 | noarch | gtk+3.0 | < 3.24.20-0ubuntu1.2 | UNKNOWN |
| ubuntu | 22.04 | noarch | gtk+3.0 | < 3.24.33-1ubuntu2.2 | UNKNOWN |
| ubuntu | 24.04 | noarch | gtk+3.0 | < 3.24.41-4ubuntu1.1 | UNKNOWN |
| ubuntu | 16.04 | noarch | gtk+3.0 | < any | UNKNOWN |
Related
cbl_mariner
cbl_mariner
CVE-2024-6655 affecting package gtk3 for versions less than 3.24.28-10
2024-08-05 03:22:58
CVE-2024-6655 affecting package gtk3 for versions less than 3.24.28-10
2024-08-14 20:43:58
CVE-2024-6655 affecting package gtk2 for versions less than 2.24.32-12
2024-08-05 03:22:58
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:2898-1)
2024-08-14 00:00:00
Huawei EulerOS: Security Advisory for gtk2 (EulerOS-SA-2024-2415)
2024-09-12 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:2897-1)
2024-08-14 00:00:00
nessus
nessus
EulerOS 2.0 SP10 : gtk3 (EulerOS-SA-2024-2416)
2024-09-12 00:00:00
vulnrichment
vulnrichment
CVE-2024-6655 Gtk3: gtk2: library injection from cwd
2024-07-16 15:05:55
osv
osv
gtk+2.0, gtk+3.0 vulnerability
2024-07-16 13:03:44
CVE-2024-6655
2024-07-16 15:15:12
nvd
nvd
CVE-2024-6655
2024-07-16 15:15:12
CVE-2024-39152
2024-07-18 19:15:12
amazon
amazon
Important: gtk3
2024-08-01 03:00:00
Important: gtk2
2024-08-01 03:00:00
redhatcve
redhatcve
CVE-2024-6655
2024-07-10 14:35:35
redos
redos
ROS-20240905-03
2024-09-05 00:00:00
debiancve
debiancve
CVE-2024-6655
2024-07-16 15:15:12
cve
cve
CVE-2024-6655
2024-07-16 15:15:12
CVE-2024-39152
2024-07-18 19:15:12
ubuntu
ubuntu
GTK vulnerability
2024-07-16 00:00:00
cvelist
cvelist
CVE-2024-6655 Gtk3: gtk2: library injection from cwd
2024-07-16 15:05:55
CVSS3
7
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
6.7
Confidence
High
EPSS
0
Percentile
16.0%
Related for UB:CVE-2024-6655