CVE-2022-23611

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-23611
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-23611.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-23611
Related
  • GHSA-mjv7-r62p-vhhg
Published
2022-02-04T23:15:15Z
Modified
2025-01-08T14:05:03.214557Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

iTunesRPC-Remastered is a Discord Rich Presence for iTunes on Windows utility. In affected versions iTunesRPC-Remastered did not properly sanitize image file paths leading to OS level command injection. This issue has been patched in commit cdcd48b. Users are advised to upgrade.

References

Affected packages

Git / github.com/benjjvi/itunesrpc-remastered

Affected ranges

Type
GIT
Repo
https://github.com/benjjvi/itunesrpc-remastered
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed

Affected versions

debug.*

debug.1.0.0
debug.2.0.0
debug.3.0,0