CNNVD-202508-255 Information
CNNVD ID
CNNVD-202508-255
Related CVE
- CNNVD Published: 2025-08-04
Description (Chinese)
StarDict是StarDict开源的一个桌面字典软件。 StarDict 3.0.7+git20220909+dfsg-6版本存在安全漏洞,该漏洞源于YouDao插件通过明文HTTP发送X11选择至远程服务器。
Description (English)
StarDict is an open-source desktop dictionary software for StarDict. StarDict 3.0.7+giti2022090909+dfsg-6 has a security loophole, which originates from your Dao plugin sending X11 to a remote server by express HTTP.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
StarDict
Published
2025-08-04
Last Modified
2026-02-24
References
https://lists.debian.org/debian-user/2025/08/msg00076.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110370 https://packages.debian.org/trixie/stardict https://packages.debian.org/trixie/stardict-gtk https://stardict-4.sourceforge.net/index_en.php https://www.openwall.com/lists/oss-security/2025/08/04/1 https://access.redhat.com/security/cve/cve-2025-55014
Patch
https://stardict-4.sourceforge.net/index_en.php
Share on: