CVE-2022-32278
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-32278
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-32278.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-32278
- Related
- Published
- 2022-06-13T22:15:08Z
- Modified
- 2024-09-18T03:20:45.199248Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server.
- References
Affected packages
Debian:11 / exo
Package
- Name
- exo
- Purl
- pkg:deb/debian/exo?arch=source
Debian:12 / exo
Package
- Name
- exo
- Purl
- pkg:deb/debian/exo?arch=source
Debian:13 / exo
Package
- Name
- exo
- Purl
- pkg:deb/debian/exo?arch=source
Git / gitlab.xfce.org/xfce/exo
Affected ranges
- Type
- GIT
- Repo
- https://gitlab.xfce.org/xfce/exo
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
exo-0.*
exo-0.10.0
exo-0.10.1
exo-0.10.2
exo-0.10.3
exo-0.10.4
exo-0.10.5
exo-0.10.6
exo-0.10.7
exo-0.11.0
exo-0.11.1
exo-0.11.2
exo-0.11.3
exo-0.11.4
exo-0.11.5
exo-0.12.0
exo-0.12.1
exo-0.12.10
exo-0.12.11
exo-0.12.2
exo-0.12.3
exo-0.12.4
exo-0.12.5
exo-0.12.6
exo-0.12.7
exo-0.12.8
exo-0.12.9
exo-0.3.1.10rc1
exo-0.3.1.12rc2
exo-0.3.1.6beta1
exo-0.3.100
exo-0.3.101
exo-0.3.4
exo-0.3.80
exo-0.3.91
exo-0.3.92
exo-0.3.93
exo-0.3.99.1
exo-0.5.0
exo-0.5.2
exo-0.5.3
exo-0.5.4
exo-0.5.5
exo-0.5.6
exo-0.6.0
exo-0.7.0
exo-0.7.1
exo-0.7.2
exo-0.7.3
exo-0.8.0
exo-0.9.0
exo-0.9.1
exo-4.*
exo-4.15.1
exo-4.15.2
exo-4.15.3
exo-4.16.0
exo-4.16.1
exo-4.16.2
exo-4.16.3
xfce-4.*
xfce-4.14.0
xfce-4.14pre1
xfce-4.14pre2
xfce-4.14pre3
xfce-4.16pre1
xfce-4.16pre2
xfce-4.4.2
xfce-4.4beta1
xfce-4.4rc1
xfce-4.4rc2
xfce-4.6.0
xfce-4.6.1
xfce-4.6alpha
xfce-4.6beta1
xfce-4.6beta2
xfce-4.6beta3
xfce-4.6rc1