{"id":"CVE-2024-33899","details":"RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the screen output, or cause a denial of service, via ANSI escape sequences.","modified":"2026-03-13T07:54:50.371786Z","published":"2024-04-29T00:15:07.773Z","related":["SUSE-SU-2024:1975-1"],"references":[{"type":"ADVISORY","url":"https://www.rarlab.com/rarnew.htm"},{"type":"EVIDENCE","url":"https://sdushantha.medium.com/ansi-escape-injection-vulnerability-in-winrar-a2cbfac4b983"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"7.00"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-33899.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"}]}