VYPR

GalaxyClient

by Gog.com

CVEs (2)

  • CVE-2020-15529HigJul 5, 2020
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation of privileges is possible when a user installs a game or performs a verify/repair operation. The issue exists because of weak file permissions and can be exploited by using opportunistic locks.

  • CVE-2020-15528HigJul 5, 2020
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation of privileges is possible when a user starts or uninstalls a game because of weak file permissions and missing file integrity checks.