CVE-2022-23603

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-23603

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-23603.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-23603

Aliases

GHSA-3xpp-rhqx-cw96

Published

2022-02-01T10:43:59Z

Modified

2025-11-28T03:31:01.714264Z

Severity

9.9 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L CVSS Calculator

Summary

Code injection in iTunesRPC-Remastered

Details

iTunesRPC-Remastered is a discord rich presence application for use with iTunes & Apple Music. In code before commit 24f43aa user input is not properly sanitized and code injection is possible. Users are advised to upgrade as soon as is possible. There are no known workarounds for this issue.

Database specific

{
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/23xxx/CVE-2022-23603.json"
}

References

Affected packages

Git / github.com/benjjvi/itunesrpc-remastered

Affected ranges

Type: GIT
Repo: https://github.com/benjjvi/itunesrpc-remastered
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

24f43aac0f4116b3d89fdbe973ba92c6cfb0d998

Fixed

54b02d9f3a94de94e4fb471908b8cf798e62e411

Affected versions

debug.*

debug.1.0.0

debug.2.0.0

debug.3.0,0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-23603.json"