Security Advisory

CVE-2024-41997

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-14 00:00:00

Last updated 2024-10-16 19:31:11

Assigner mitre

State PUBLISHED

Description

An issue was discovered in version of Warp Terminal prior to 2024.07.18 (v0.2024.07.16.08.02). A command injection vulnerability exists in the Docker integration functionality. An attacker can create a specially crafted hyperlink using the `warp://action/docker/open_subshell` intent that when clicked by the victim results in command execution on the victims machine.

← Browse all CVEs View on cve.org ↗