CVE-2021-26917

CVE-2021-26917

** DISPUTED ** PyBitmessage through 0.6.3.2 allows attackers to write screen captures to Potentially Unwanted Directories via a crafted apinotifypath value. NOTE: the discoverer states "security mitigation may not be necessary as there is no evidence yet that these screen intercepts are actually transported away from the local host." NOTE: it is unclear whether there are any common use cases in which apinotifypath is controlled by an attacker.

Source: CVE-2021-26917

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다