qutebrowser before version 1.4.1 is vulnerable to a cross-site request forgery flaw that allows websites to access 'qute://*' URLs. A malicious website could exploit this to load a 'qute://settings/set' URL, which then sets 'editor.command' to a bash script, resulting in arbitrary code execution.
References
| Link | Resource |
|---|---|
| http://www.openwall.com/lists/oss-security/2018/07/11/7 | Mitigation, Mailing List, Patch, Third Party Advisory |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10895 | Issue Tracking, Patch, Third Party Advisory |
| https://github.com/qutebrowser/qutebrowser/commit/43e58ac865ff862c2008c510fc5f7627e10b4660 | Patch, Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2018-07-12T12:00:00
Updated: 2018-07-12T11:57:01
Reserved: 2018-05-09T00:00:00
Link: CVE-2018-10895
NVD Information
Status: Modified
Published: 2018-07-12T12:29:00.213
Modified: 2019-10-09T23:33:10.337
Link: CVE-2018-10895
Redhat Information
No data.
CWE