Vulnerability Details CVE-2022-45062
In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection vulnerability in xfce4-mime-helper.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 69.7%
CVSS Severity
CVSS v3 Score 9.8
References
- https://gitlab.xfce.org/xfce/xfce4-settings/-/commit/55e3c5fb667e96ad1412cf249879262b369d28d7
- https://gitlab.xfce.org/xfce/xfce4-settings/-/commit/f34a92a84f96268ad24a7a13fd5edc9f1d526110
- https://gitlab.xfce.org/xfce/xfce4-settings/-/issues/390
- https://gitlab.xfce.org/xfce/xfce4-settings/-/tags
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGTGTTPFHDUB3EZHVKDK4H32QUUYPPFF/
- https://security.gentoo.org/glsa/202305-05
- https://www.debian.org/security/2022/dsa-5296
- https://gitlab.xfce.org/xfce/xfce4-settings/-/commit/55e3c5fb667e96ad1412cf249879262b369d28d7
- https://gitlab.xfce.org/xfce/xfce4-settings/-/commit/f34a92a84f96268ad24a7a13fd5edc9f1d526110
- https://gitlab.xfce.org/xfce/xfce4-settings/-/issues/390
- https://gitlab.xfce.org/xfce/xfce4-settings/-/tags
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGTGTTPFHDUB3EZHVKDK4H32QUUYPPFF/
- https://security.gentoo.org/glsa/202305-05
- https://www.debian.org/security/2022/dsa-5296
- https://gitlab.xfce.org/xfce/xfce4-settings/-/issues/390
Products affected by CVE-2022-45062
-
cpe:2.3:a:xfce:xfce4-settings:-
-
cpe:2.3:a:xfce:xfce4-settings:4.17.0
-
cpe:2.3:o:debian:debian_linux:11.0
-
cpe:2.3:o:fedoraproject:fedora:37