Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CVE-2023-40590: Untrusted search path on Windows systems leading to arbitrary code execution #1635

Open
igirardi opened this issue Aug 30, 2023 · 1 comment
Open

CVE-2023-40590: Untrusted search path on Windows systems leading to arbitrary code execution #1635

igirardi opened this issue Aug 30, 2023 · 1 comment
Labels
acknowledged help wanted tag.Windows

Comments

@igirardi
Copy link

igirardi commented Aug 30, 2023
edited

This appeared in the CVE additional information here GHSA-wfm5-v35h-vwf4.

I found it reported already. I am reporting it here just in case.
@igirardi igirardi changed the title CVE-2023-40267: Remote Code Execution (RCE) CVE-2023-40590: Remote Code Execution (RCE) Aug 30, 2023
@igirardi igirardi changed the title CVE-2023-40590: Remote Code Execution (RCE) CVE-2023-40590: Untrusted search path on Windows systems leading to arbitrary code execution Aug 30, 2023
@Byron
Copy link
Member

Byron commented Aug 30, 2023

Thanks. This advisory originated in this repository and is thus known: GHSA-wfm5-v35h-vwf4 .

However, it seems hard to communicate using an advisory, so we can keep this issue open to collect comments.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
acknowledged help wanted tag.Windows
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Byron @igirardi