← Back to CVE List

CVE-2024-33434

Published: 2024-05-07T14:15Z
Last Modified: 2024-11-21T09:16Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
An issue in tiagorlampert CHAOS before 1b451cf62582295b7225caf5a7b506f0bad56f6b and 24c9e109b5be34df7b2bce8368eae669c481ed5e allows a remote attacker to execute arbitrary code via the unsafe concatenation of the `filename` argument into the `buildStr` string without any sanitization or filtering. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt