CVE-2020-17354

Exploit

EPSS 0.02%
Published 15.04.2023 22:15:06
Last modified 06.02.2025 17:15:11
Source cve@mitre.org
Teams watchlist Login
Open Login

LilyPond before 2.24 allows attackers to bypass the -dsafe protection mechanism via output-def-lookup or output-def-scope, as demonstrated by dangerous Scheme code in a .ly file that causes arbitrary code execution during conversion to a different file format. NOTE: in 2.24 and later versions, safe mode is removed, and the product no longer tries to block code execution when external files are used.

Affected products Warnungen 0 Metrics 3 CWE 1 References 11

Data is provided by the National Vulnerability Database (NVD)

Lilypond ≫ Lilypond Version < 2.24.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.018

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.6	1.8	6	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	8.6	1.8	6	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

CWE-863 Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

http://lilypond.org/doc/v2.18/Documentation/usage/command_002dline-usage

Release Notes

https://gitlab.com/lilypond/lilypond/-/merge_requests/1522

Patch

Vendor Advisory

https://lilypond.org/download.html

Product

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K43PF6VGFJNNGAPY57BW3VMEFFOSMRLF/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ST5BLLQ4GDME3SN7UE5OMNE5GZE66X4Y/

https://phabricator.wikimedia.org/T259210

Third Party Advisory

Exploit