CVE-2021-35331 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Low
Remote	Yes
Type	Arbitrary code execution
Description	DISPUTED In Tcl before version 8.6.12, a format string vulnerability in nmakehlp.c might allow code execution via a crated file. NOTE: multiple third parties dispute the significance of this finding.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-2135	tcl	8.6.11-1	8.6.12-1	Low	Fixed

References
https://sqlite.org/forum/info/7dcd751996c93ec9 https://core.tcl-lang.org/tcl/info/bad6cc213dfe8280c25b3bfe3e5830e9e2481f91 https://core.tcl-lang.org/tcl/info/28ef6c0c741408a2defd50daf1ce359a95b4b9dac6e378b46b0ec34cefdf857f https://github.com/tcltk/tcl/commit/30db6ce78e7c4b96b977320e4d16555a93401c

References

https://sqlite.org/forum/info/7dcd751996c93ec9
https://core.tcl-lang.org/tcl/info/bad6cc213dfe8280c25b3bfe3e5830e9e2481f91
https://core.tcl-lang.org/tcl/info/28ef6c0c741408a2defd50daf1ce359a95b4b9dac6e378b46b0ec34cefdf857f
https://github.com/tcltk/tcl/commit/30db6ce78e7c4b96b977320e4d16555a93401c