Описание
The set_version script as shipped with obs-service-set_version is a source validator for the Open Build Service (OBS). In versions prior to 0.5.3-1.1 this script did not properly sanitize the input provided by the user, allowing for code execution on the executing server.
Ссылки
Уязвимые конфигурации
Конфигурация 1Версия от 0.5.3 (включая) до 1.1 (исключая)
cpe:2.3:o:opensuse:open_build_service:*:*:*:*:*:*:*:*
EPSS
Процентиль: 64%
0.0047
Низкий
7.8 High
CVSS3
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-78
CWE-20
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
The set_version script as shipped with obs-service-set_version is a source validator for the Open Build Service (OBS). In versions prior to 0.5.3-1.1 this script did not properly sanitize the input provided by the user, allowing for code execution on the executing server.
EPSS
Процентиль: 64%
0.0047
Низкий
7.8 High
CVSS3
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-78
CWE-20