Fluid Attacks Database

Description

A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be injected into a GTK application from the current working directory.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 11	gtk+2.0	=2.24.33-2 \|\| >=0 <2.24.33-2+deb11u1	2.24.33-2+deb11u1
debian 14	gtk+3.0	>=0 <3.24.43-1	3.24.43-1
debian 13	gtk+3.0	>=0 <3.24.43-1	3.24.43-1
debian 12	gtk+3.0	=3.24.37-2 \|\| =3.24.38-1 \|\| =3.24.38-2~deb12u1 \|\| >=0 <3.24.38-2~deb12u2	3.24.38-2~deb12u2
debian 12	gtk+2.0	=2.24.33-2 \|\| >=0 <2.24.33-2+deb12u1	2.24.33-2+deb12u1
debian 11	gtk+3.0	=3.24.24-4 \|\| =3.24.24-4+deb11u1 \|\| =3.24.24-4+deb11u2 \|\| =3.24.24-4+deb11u3 \|\| >=0 <3.24.24-4+deb11u4	3.24.24-4+deb11u4
debian 14	gtk+2.0	>=0 <2.24.33-5	2.24.33-5
debian 13	gtk+2.0	>=0 <2.24.33-5	2.24.33-5
rpm rhel6	gtk2	-	-
rpm rhel8	gtk2	-	-

1-10 of 15

Aliases

1. CVE-2024-66552. NVD-2024-66553. OSV-DEBIAN-2024-66554. OSV-2024-66555. SECURITY-TRACKER-CVE-2024-6655