CVE-2024-33899

HIGH Year: 2024
CVSS v3 Score
7.1
High
Weakness Type
CWE-150
View all →

Vulnerability Description

RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the screen output, or cause a denial of service, via ANSI escape sequences.

Related Vulnerabilities

CVE-2024-36052

HIGH
CVSS:7.5(High)

RARLAB WinRAR before 7.00, on Windows, allows attackers to spoof the screen output via ANSI escape sequences, a different issue than CVE-2024-33899.

CWE-1502024

CVE-2024-27936

MEDIUM
CVSS:6.5(Medium)

Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. Starting in version 1.32.1 and prior to version 1.41.0 of the deno library, maliciously crafted permission request can s...

CWE-1502024

CVE-2024-9774

MEDIUM
CVSS:6.5(Medium)

A vulnerability was found in python-sql where unary operators do not escape non-Expression.

CWE-1502024

CVE-2025-1692

MEDIUM
CVSS:6.3(Medium)

The MongoDB Shell may be susceptible to control character injection where an attacker with control of the user’s clipboard could manipulate them to paste text into mongosh that evaluates arbitrary cod...

CWE-1502025

CVE-2023-40185

HIGH
CVSS:8.6(High)

shescape is simple shell escape library for JavaScript. This may impact users that use Shescape on Windows in a threaded context. The vulnerability can result in Shescape escaping (or quoting) for the...

CWE-1502023

CVE-2025-30089

MEDIUM
CVSS:5.4(Medium)

gurk (aka gurk-rs) through 0.6.3 mishandles ANSI escape sequences.

CWE-1502025