CVE-2019-11627

Опубликовано: 30 апр. 2019

Источник: debian

EPSS Низкий

Описание

gpg-key2ps in signing-party 1.1.x and 2.x before 2.10-1 contains an unsafe shell call enabling shell injection via a User ID.

Пакет	Статус	Версия исправления	Релиз	Тип
signing-party	fixed	2.10-1		package
signing-party	fixed	2.5-1+deb9u1	stretch	package

https://salsa.debian.org/signing-party-team/signing-party/commit/cd69b6c0426a6160ef3de03fce9c7f112166d5a8

EPSS

Процентиль: 65%

0.00498

Низкий

CVE-2019-11627

CVSS3: 9.8

ubuntu

почти 7 лет назад

gpg-key2ps in signing-party 1.1.x and 2.x before 2.10-1 contains an unsafe shell call enabling shell injection via a User ID.

CVE-2019-11627

CVSS3: 9.8

nvd

почти 7 лет назад

gpg-key2ps in signing-party 1.1.x and 2.x before 2.10-1 contains an unsafe shell call enabling shell injection via a User ID.

openSUSE-SU-2019:1388-1

suse-cvrf

больше 6 лет назад

Security update for signing-party

GHSA-rc9j-5pgx-7w89

CVSS3: 9.8

github

больше 3 лет назад

gpg-key2ps in signing-party 1.1.x and 2.x before 2.10-1 contains an unsafe shell call enabling shell injection via a User ID.

EPSS

Процентиль: 65%

0.00498

Низкий