CVE-2024-6655

CVSS 3.1 Score 7.0 of 10 (high)

Details

Published Jul 16, 2024
CWE ID 94

Summary

CVE-2024-6655 is a newly identified vulnerability affecting the GTK library. The issue resides in the way GTK applications handle libraries from the current working directory. Under specific circumstances, a malicious library can be injected into a GTK application, potentially leading to arbitrary code execution and security breaches. This vulnerability poses a significant risk to users who run GTK applications in untrusted environments. It is recommended that affected users update their GTK library as soon as a patch becomes available to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share