CVE-2023-22970
Bottles before 51.0 mishandles YAML load, which allows remote code execution via a crafted file.
| Software | From | Fixed in |
|---|---|---|
| usebottles / bottles | - | 51.0 |
| fedoraproject / fedora | 37 | 37.x |
| fedoraproject / fedora | 38 | 38.x |
- https://github.com/bottlesdevs/Bottles/issues/2463
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N24KI3O3FWGKJSLATY35ZM3CHSABJ6WE/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZJZEE4RAAK7OPVQNE4BOWUVQDVSZU6NJ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N24KI3O3FWGKJSLATY35ZM3CHSABJ6WE/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZJZEE4RAAK7OPVQNE4BOWUVQDVSZU6NJ/
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime