CNNVD-202509-943 Information

CNNVD ID

CNNVD-202509-943

Related CVE

CVE-2025-55037

• CNNVD Published: 2025-09-05

Description (Chinese)

TkEasyGUI是kujirahand个人开发者的一个在Python中的GUI库。 TkEasyGUI 1.0.22之前版本存在操作系统命令注入漏洞，该漏洞源于特殊元素中和不当，可能导致远程未认证攻击者执行任意OS命令。

Description (English)

TkEasyGUI is a GUI bank of kujirahand personal developers in Python. The previous version of TkEasyGUI 1.0.22 had a gap in the operating system commands, which originated in a special element and was inappropriate, and could result in a remote uncertified attacker performing an arbitrary OS order.

Hazard Level

Low

Vulnerability Type

操作系统命令注入

Affected Vendor

个人开发者

Published

2025-09-05

Last Modified

2026-02-24

References

https://github.com/kujirahand/tkeasygui-python/releases/tag/v1.0.22 https://jvn.jp/en/jp/JVN48739895/

Patch

https://github.com/kujirahand/tkeasygui-python/releases