GHSA-rmgp-j5rm-7ghv

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

A shell command injection in the obs-service-source_validator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs.

Ссылки

EPSS

Процентиль: 64%

0.00474

Низкий

7.8 High

CVSS3

CVE ID

CVE-2017-9274

Дефекты

CWE-78

Связанные уязвимости

CVE-2017-9274

CVSS3: 7.8

ubuntu

почти 8 лет назад

A shell command injection in the obs-service-source_validator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs.

CVE-2017-9274

CVSS3: 7.8

nvd

почти 8 лет назад

A shell command injection in the obs-service-source_validator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs.

CVE-2017-9274

CVSS3: 7.8

debian

почти 8 лет назад

A shell command injection in the obs-service-source_validator before 0 ...

openSUSE-SU-2017:3259-1

suse-cvrf

около 8 лет назад

Security update for the OBS toolchain

SUSE-SU-2018:0065-1

suse-cvrf

около 8 лет назад

Fixing security issues on OBS toolchain

EPSS

Процентиль: 64%

0.00474

Низкий

7.8 High

CVSS3

CVE ID

CVE-2017-9274

Дефекты

CWE-78