CVE-2023-43091

Gnome-maps: gnome maps is vulnerable to a code injection attack (similar to xss) via its service.json

Description

A flaw was found in GNOME Maps, which is vulnerable to a code injection attack via its service.json configuration file. If the configuration file is malicious, it may execute arbitrary code.

INFO

Published Date :

2024-11-17T12:25:49.293Z

Last Modified :

2024-11-18T16:39:41.368Z

Source :

fedora

AFFECTED PRODUCTS

The following products are affected by CVE-2023-43091 vulnerability.

Vendors	Products
Gnome	Gnome-maps
Gnome Maps	Gnome Maps

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2023-43091.

URL	Resource
https://bugzilla.redhat.com/show_bug.cgi?id=2239091
https://gitlab.gnome.org/GNOME/gnome-maps/-/commit/d26cd774d524404ef7784e6808f551de83de4bea
https://gitlab.gnome.org/GNOME/gnome-maps/-/issues/588

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact