First published: Tue Oct 24 2023(Updated: )
In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/traceroute | <2.1.3 | 2.1.3 |
debian/traceroute | <=1:2.1.0-2+deb11u1<=1:2.1.2-1 | 1:2.1.6-1 |
>=2.0.12<2.1.3 | ||
=10.0 | ||
=11.0 | ||
=12.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-46316 is a vulnerability in buc Traceroute version 2.0.12 through 2.1.2 before 2.1.3 that can be exploited by malicious actors.
CVE-2023-46316 has a severity level of critical, with a CVSS score of 9.8.
CVE-2023-46316 affects buc Traceroute 2.0.12 through 2.1.2 before 2.1.3.
To fix CVE-2023-46316, update buc Traceroute to version 2.1.3.
You can find more information about CVE-2023-46316 at the following references: [link1](https://security-tracker.debian.org/tracker/CVE-2023-46316), [link2](https://sourceforge.net/projects/traceroute/files/traceroute/traceroute-2.1.3/)