Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-5557


A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability.


Published

2023-10-13T02:15:11.077

Last Modified

2024-11-21T08:42:00.620

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses
  • Type: Secondary
    CWE-693
  • Type: Primary
    NVD-CWE-noinfo

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application gnome tracker_miners < 3.3.2 Yes
Application gnome tracker_miners < 3.4.5 Yes
Application gnome tracker_miners < 3.5.3 Yes
Application gnome tracker_miners < 3.6.1 Yes
Operating System redhat enterprise_linux 8.0 Yes
Operating System redhat enterprise_linux 9.0 Yes

References