CVE-2021-35331

Published: 7/5/2021 Last updated: 8/4/2024 Reserved: 6/23/2021

In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code execution via a crafted file. NOTE: multiple third parties dispute the significance of this finding

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (1)

conf-tcl

Products affected (1)

Product	Vendor	Version
n/a	n/a	Snapdragon 678 Mobile Platform (SM6150-AC)

References (8)

https://core.tcl-lang.org/tcl/info/bad6cc213dfe8280
https://core.tcl-lang.org/tcl/info/28ef6c0c741408a2
https://github.com/tcltk/tcl/commit/4705dbdde2f32ff90420765cd93e7ac71d81a222
https://sqlite.org/forum/info/7dcd751996c93ec9
https://core.tcl-lang.org/tcl/info/bad6cc213dfe8280
https://core.tcl-lang.org/tcl/info/28ef6c0c741408a2
https://github.com/tcltk/tcl/commit/4705dbdde2f32ff90420765cd93e7ac71d81a222
https://sqlite.org/forum/info/7dcd751996c93ec9