CVE-2021-32563

An issue was discovered in Thunar before 4.16.7 and 4.17.x before 4.17.2. When called with a regular file as a command-line argument, it delegates to a different program (based on the file type) without user confirmation. This could be used to achieve code execution.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:xfce:thunar:*:*:*:*:*:*:*:*
cpe:2.3:a:xfce:thunar:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-05-11 05:15

Updated : 2024-02-28 18:28


NVD link : CVE-2021-32563

Mitre link : CVE-2021-32563

CVE.ORG link : CVE-2021-32563


JSON object : View

Products Affected

xfce

  • thunar
CWE
CWE-913

Improper Control of Dynamically-Managed Code Resources