Описание
Awesome spawn contains OS command injection vulnerability, which allows execution of additional commands passed to Awesome spawn as arguments. If untrusted input was included in command arguments, attacker could use this flaw to execute arbitrary command.
Ссылки
- PatchThird Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 1.2.0 (включая) до 1.5.0 (исключая)
cpe:2.3:a:manageiq:awesomespawn:*:*:*:*:*:*:*:*
EPSS
Процентиль: 80%
0.01367
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-78
CWE-78
Связанные уязвимости
CVSS3: 8.1
redhat
почти 12 лет назад
Awesome spawn contains OS command injection vulnerability, which allows execution of additional commands passed to Awesome spawn as arguments. If untrusted input was included in command arguments, attacker could use this flaw to execute arbitrary command.
EPSS
Процентиль: 80%
0.01367
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-78
CWE-78