Описание
Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117.
Ссылки
- Issue TrackingVendor Advisory
- Issue TrackingVendor Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingVendor Advisory
- Issue TrackingVendor Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
Одно из
Одно из
EPSS
8.8 High
CVSS3
9.3 Critical
CVSS2
Дефекты
Связанные уязвимости
Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117.
Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117.
Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands
Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attac ...
EPSS
8.8 High
CVSS3
9.3 Critical
CVSS2