CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23609 – Path traveresal in iTunesRPC-Remastered
https://notcve.org/view.php?id=CVE-2022-23609
04 Feb 2022 — iTunesRPC-Remastered is a Discord Rich Presence for iTunes on Windows utility. In affected versions iTunesRPC-Remastered did not properly sanitize user input used to remove files leading to file deletion only limited by the process permissions. Users are advised to upgrade as soon as possible. iTunesRPC-Remastered es una utilidad de Discord Rich Presence para iTunes en Windows. En las versiones afectadas, iTunesRPC-Remastered no saneaba correctamente las entradas del usuario usadas para eliminar archivos, c... • https://github.com/bildsben/iTunesRPC-Remastered/commit/1eb1e5428f0926b2829a0bbbb65b0d946e608593 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23611 – OS command injection in iTunesRPC-Remastered
https://notcve.org/view.php?id=CVE-2022-23611
04 Feb 2022 — iTunesRPC-Remastered is a Discord Rich Presence for iTunes on Windows utility. In affected versions iTunesRPC-Remastered did not properly sanitize image file paths leading to OS level command injection. This issue has been patched in commit cdcd48b. Users are advised to upgrade. iTunesRPC-Remastered es una utilidad de Discord Rich Presence para iTunes en Windows. En las versiones afectadas, iTunesRPC-Remastered no saneaba correctamente las rutas de los archivos de imagen, conllevando a una inyección de coma... • https://github.com/bildsben/iTunesRPC-Remastered/commit/cdcd48bbc44009ddcbd07a809b87376dc9ce37f4 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23603 – Code injection in iTunesRPC-Remastered
https://notcve.org/view.php?id=CVE-2022-23603
01 Feb 2022 — iTunesRPC-Remastered is a discord rich presence application for use with iTunes & Apple Music. In code before commit 24f43aa user input is not properly sanitized and code injection is possible. Users are advised to upgrade as soon as is possible. There are no known workarounds for this issue. iTunesRPC-Remastered es una aplicación de mucha presencia en discord para su uso con iTunes y Apple Music. En el código anterior al commit 24f43aa la entrada del usuario no es saneada apropiadamente y es posible una in... • https://github.com/bildsben/iTunesRPC-Remastered/commit/24f43aac0f4116b3d89fdbe973ba92c6cfb0d998 • CWE-116: Improper Encoding or Escaping of Output •