CVE-2021-32563

Name of the Vulnerable Software and Affected Versions Thunar versions prior to 4.16.7 Thunar versions 4.17.x prior to 4.17.2

Description An issue was discovered in Thunar where it delegates to a different program based on the file type without user confirmation when called with a regular file as a command-line argument. This could be used to achieve code execution. The exploitation of this issue may allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service.

Recommendations For Thunar versions prior to 4.16.7, update to version 4.16.7 or later. For Thunar versions 4.17.x prior to 4.17.2, update to version 4.17.2 or later.