CVE-2023-34634
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-34634
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-34634.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-34634
- Published
- 2023-08-01T14:15:10.070Z
- Modified
- 2025-11-20T12:17:56.185470Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Greenshot 1.2.10 and below allows arbitrary code execution because .NET content is insecurely deserialized when a .greenshot file is opened.
- References
-
- http://packetstormsecurity.com/files/173825/GreenShot-1.2.10-Arbitrary-Code-Execution.html
- https://github.com/greenshot/greenshot/commit/a152e2883fca7f78051b3bd6b1e5cc57355cb44c
- https://greenshot.atlassian.net/browse/BUG-3061
- https://www.exploit-db.com/exploits/51633
- http://packetstormsecurity.com/files/174222/Greenshot-1.3.274-Deserialization-Command-Execution.html
Affected packages
Git / github.com/greenshot/greenshot
Affected ranges
- Type
- GIT
- Repo
- https://github.com/greenshot/greenshot
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
Greenshot-RELEASE-1.*
Greenshot-RELEASE-1.2.10.6
Greenshot-RELEASE-1.2.8.12
Greenshot-RELEASE-1.2.8.14
Greenshot-RELEASE-1.2.9.104
Greenshot-RELEASE-1.2.9.112
Greenshot-RELEASE-1.2.9.129
v1.*
v1.3.105
v1.3.106
v1.3.108
v1.3.151
v1.3.154
v1.3.157
v1.3.178
v1.3.194
v1.3.201
v1.3.202
v1.3.203
v1.3.204
v1.3.205
v1.3.211
v1.3.213
v1.3.218
v1.3.219
v1.3.220
v1.3.223
v1.3.229
v1.3.231
v1.3.234
v1.3.235
v1.3.238
v1.3.239
v1.3.244
v1.3.246
v1.3.249
v1.3.254
v1.3.256
v1.3.258
v1.3.259
v1.3.260
v1.3.261
v1.3.262
v1.3.265
v1.3.270
v1.3.273
v1.3.274
v1.3.55
v1.3.57
v1.3.63
v1.3.69
v1.3.71
v1.3.75
v1.3.76