CVE-2023-43091

A flaw was found in GNOME Maps, which is vulnerable to a code injection attack via its service.json configuration file. If the configuration file is malicious, it may execute arbitrary code.

References

Affected packages

Git / gitlab.gnome.org/GNOME/gnome-maps

Affected ranges

Type: GIT
Repo: https://gitlab.gnome.org/GNOME/gnome-maps
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

d26cd774d524404ef7784e6808f551de83de4bea

Affected versions

v3.*

v3.10.0

v3.11.2

v3.11.4

v3.11.4.1

v3.11.5

v3.11.5.1

v3.11.90

v3.11.91

v3.11.92

v3.12.0

v3.13.2

v3.13.3

v3.13.4

v3.13.91

v3.13.92

v3.14.0

v3.14.1

v3.15.2

v3.15.3

v3.15.3.1

v3.15.3.2

v3.15.4

v3.15.90

v3.15.90.1

v3.15.90.2

v3.15.91

v3.15.92

v3.16.0

v3.16.1

v3.17.1

v3.17.90

v3.17.90.1

v3.17.91

v3.17.92

v3.18.0

v3.18.0.1

v3.18.1

v3.19.1

v3.19.2

v3.19.3

v3.19.4

v3.19.90

v3.19.91

v3.19.92

v3.20.0

v3.20.1

v3.21.4

v3.21.90

v3.21.92

v3.22.0

v3.22.1

v3.23.1

v3.23.2

v3.23.3

v3.23.4

v3.23.90

v3.23.91

v3.23.92-real

v3.24.0

v3.24.1

v3.25.1

v3.25.2

v3.25.3

v3.25.4

v3.25.90

v3.25.91

v3.25.92

v3.26.0

v3.27.1

v3.27.2

v3.27.3

v3.27.4

v3.27.90

v3.27.92

v3.28.0

v3.29.1

v3.29.2

v3.29.3

v3.29.4

v3.29.90

v3.29.91

v3.29.92

v3.30.0

v3.31.1

v3.31.2

v3.31.3

v3.31.4

v3.31.90

v3.31.91

v3.31.92

v3.32.0

v3.33.1

v3.33.2

v3.33.3

v3.33.4

v3.33.90

v3.33.91

v3.33.92

v3.34.0

v3.35.1

v3.35.2

v3.35.3

v3.35.90

v3.35.91

v3.35.92

v3.36.0

v3.37.1

v3.37.2

v3.37.3

v3.37.90

v3.37.91

v3.37.92

v3.38.0

v3.9.5

v3.9.90

v3.9.90.1

v3.9.90.2

v3.9.91

v40.*

v40.0

v40.alpha

v40.beta

v40.rc

v41.*

v41.0

v41.alpha

v41.beta

v41.rc

v42.*

v42.0

v42.alpha

v42.beta

v42.rc

v43.*

v43.0

v43.alpha

v43.beta

v43.rc

v44.*

v44.0

v44.alpha

v44.beta

v44.rc

v45.*

v45.alpha

v45.beta

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-43091.json"