CVSS 3.1 Score 7.5 of 10 (high)


Published Oct 30, 2023
Updated: Nov 7, 2023


The vulnerability with the CVE ID name CVE-2020-36767 affects the tinyfiledialogs (aka tiny file dialogs) software before version 3.8.0. It allows shell metacharacters to be included in titles, messages, and other input data, potentially leading to exploitation by attackers. The risk score is 25, indicating a high level of severity. The vulnerability has a base score of 7.5 and an exploitability score of 3.9, suggesting that it can be exploited over a network with low attack complexity and no user interaction required. The impact score is 3.6, with high integrity impact but no confidentiality impact and no availability impact. Organizations using this software should update to version 3.8.0 or later to remediate the vulnerability and protect their systems from potential attacks.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2020-36767 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options