Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-12836

Опубликовано: 24 авг. 2017
Источник: debian
EPSS Низкий

Описание

CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."

Пакеты

ПакетСтатусВерсия исправленияРелизТип
cvsfixed2:1.12.13+real-24package

Примечания

  • https://www.openwall.com/lists/oss-security/2017/08/11/1

EPSS

Процентиль: 89%
0.04282
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2017-12836

CVSS3: 7.5
ubuntu
больше 8 лет назад

CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."

redhat логотип

CVE-2017-12836

CVSS3: 5
redhat
больше 8 лет назад

CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."

nvd логотип

CVE-2017-12836

CVSS3: 7.5
nvd
больше 8 лет назад

CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."

suse-cvrf логотип

openSUSE-SU-2017:2483-1

suse-cvrf
больше 8 лет назад

Security update for cvs

suse-cvrf логотип

SUSE-SU-2017:2422-1

suse-cvrf
больше 8 лет назад

Security update for cvs

EPSS

Процентиль: 89%
0.04282
Низкий