VDB
CVE-2024-33899
CVE-2024-33899
PUBLISHED
WinRAR ist ein Dateiarchivierungsprogramm zum Erstellen und Entpacken von Archiven im RAR oder ZIP Datenformat.
EPSS 1.39% · 80.8th percentile
Risk Scores
EPSS Score
1.39%
80.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu | Ubuntu Linux | |
| SUSE | SUSE Linux | |
| win.rar | win.rar WinRAR <7.00 |
Exploit Intelligence
- https://sdushantha.medium.com/ansi-escape-injection-vulnerability-in-winrar-a2cbfac4b983 (nist-nvd)
- https://www.rarlab.com/rarnew.htm (circl)
- cve.html (github-poc)
- cve.html (github-poc)
- cve.html (github-poc)
- cve.html (github-poc)
- cve.html (github-poc)
- cve.html (github-poc)
- cve.html (github-poc)
- cve.html (github-poc)
Timeline
- Apr 28, 2024 CVE Published
- Apr 29, 2024 EPSS Score
- May 23, 2024 EPSS Score
- Jun 18, 2024 EPSS Score
- Jul 12, 2024 EPSS Score
- Aug 2, 2024 CVE Updated
- Aug 30, 2024 EPSS Score
- Sep 24, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 18, 2024 EPSS Score
- Nov 12, 2024 EPSS Score
- Dec 7, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0983.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0983 advisory
- https://github.com/advisories/GHSA-7m59-rfr2-gh4p advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-33899 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-June/018689.html advisory
- https://ubuntu.com/security/notices/USN-7350-1 advisory