Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
FrostWire 6.14.0-build-326 for macOS contains permissive entitlements (allow-dyld-environment-variables, disable-library-validation) that allow unprivileged local attackers to inject code into the FrostWire process via the DYLD_INSERT_LIBRARIES environment variable. This allows escalated privileges to arbitrary TCC-approved directories.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
FrostWire 安全漏洞
Vulnerability Description
FrostWire是FrostWire开源的一款P2P文件共享客户端。 FrostWire 6.14.0-build-326版本存在安全漏洞,该漏洞源于权限设置过于宽松,可能导致代码注入和权限提升。
CVSS Information
N/A
Vulnerability Type
N/A