PT-2023-11479 · Lilypond+2

Tstarling · Published 2023-04-15 · Updated 2025-11-19 · CVE-2020-17354

CVSS v3.1: 8.6 (High)
Vector: AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: LilyPond versions prior to 2.24

Description: The issue allows attackers to bypass the -dsafe protection mechanism via output-def-lookup or output-def-scope, as demonstrated by dangerous Scheme code in a .ly file that causes arbitrary code execution during conversion to a different file format. In versions 2.24 and later, safe mode is removed, and the product no longer tries to block code execution when external files are used.

Recommendations: For versions prior to 2.24, update to version 2.24 or later; safe mode is removed in these versions and the product no longer tries to block code execution when external files are used. As a temporary workaround, consider avoiding the use of output-def-lookup and output-def-scope until the issue is resolved.
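The workaround above asks operators to avoid output-def-lookup and output-def-scope in .ly input, and the description notes that from 2.24 on any embedded Scheme in an untrusted file is effectively code execution. The following triage script is an added example (it is not part of this advisory and not LilyPond project code): it walks a .ly source, extracts every embedded Scheme expression (assumed to start with `#(` and run to the matching parenthesis), and reports which expressions mention the two procedures named in the advisory. The sample input is constructed for the example.

```python
import re
from dataclasses import dataclass

# Procedures the advisory names as the -dsafe bypass path.
ADVISORY_PROCS = frozenset({"output-def-lookup", "output-def-scope"})

# Scheme identifiers: letters, digits, '-', '!', '?', '*'.
IDENT_RE = re.compile(r"[A-Za-z][A-Za-z0-9\-!?*]*")


@dataclass
class Finding:
    line: int          # 1-based line where the Scheme expression starts
    expr: str          # the full #( ... ) expression
    flagged: tuple     # names from ADVISORY_PROCS found inside it


def extract_scheme(src: str) -> list:
    """Return (line_no, expression) for every '#(' Scheme block in LilyPond
    source, using parenthesis depth so nested calls are captured whole.
    Assumption: Scheme blocks are introduced by '#(' and string literals use
    double quotes; LilyPond '%' comments are not stripped, so commented-out
    code is reported too (acceptable for a conservative triage pass)."""
    results = []
    i, n = 0, len(src)
    while i < n:
        if not src.startswith("#(", i):
            i += 1
            continue
        start, depth, in_str = i, 0, False
        j = i + 1
        while j < n:
            c = src[j]
            if in_str:
                if c == "\\":
                    j += 1          # skip escaped char inside a string
                elif c == '"':
                    in_str = False
            elif c == '"':
                in_str = True
            elif c == "(":
                depth += 1
            elif c == ")":
                depth -= 1
                if depth == 0:
                    break
            j += 1
        expr = src[start:j + 1]
        results.append((src.count("\n", 0, start) + 1, expr))
        i = j + 1
    return results


def scan(src: str) -> list:
    """Classify each Scheme expression; 'flagged' lists advisory procedures used."""
    findings = []
    for line_no, expr in extract_scheme(src):
        names = set(IDENT_RE.findall(expr))
        findings.append(Finding(line_no, expr, tuple(sorted(names & ADVISORY_PROCS))))
    return findings


def uses_advisory_procs(src: str) -> bool:
    """True if any embedded Scheme calls output-def-lookup or output-def-scope."""
    return any(f.flagged for f in scan(src))


# Constructed sample .ly input (not from the advisory): one harmless Scheme
# definition and one \paper block that calls output-def-lookup.
SAMPLE_LY = r'''
\version "2.22.0"
\header { title = "constructed sample" }
#(define x (+ 1 2))
\paper {
  #(display (output-def-lookup $defaultpaper 'paper-width))
}
{ c'4 d' e' f' }
'''

if __name__ == "__main__":
    for f in scan(SAMPLE_LY):
        status = "FLAGGED " + ",".join(f.flagged) if f.flagged else "scheme present"
        print(f"line {f.line}: {status}: {f.expr}")
```

Every reported line is worth a look, not only the flagged ones: on 2.24 and later there is no safe mode, so a file from an untrusted source that contains any `#(` block should be treated as executable code rather than as sheet music.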

Weakness Enumeration: Incorrect Authorization

Related Identifiers

ALT-PU-2023-6382
ALT-PU-2023-6513
ALT-PU-2025-14667
CVE-2020-17354
MGASA-2023-0325
OPENSUSE-SU-2023:0137-1

Affected Products

Alt Linux
Debian
Lilypond