CVE-2017-1002153

Опубликовано: 06 окт. 2017

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 5

CVSS3: 7.5

Описание

Koji 1.13.0 does not properly validate SCM paths, allowing an attacker to work around blacklisted paths for build submission.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	ignored	end of standard support, was needed
cosmic	not-affected	1.16.0-2
devel	DNE
disco	not-affected	1.16.0-2
eoan	not-affected	1.16.0-2
esm-apps/bionic	needed
esm-apps/xenial	needed
esm-infra-legacy/trusty	DNE
esm-infra/focal	DNE

Показывать по

EPSS

Процентиль: 55%

0.0032

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2017-1002153

CVSS3: 7.5

nvd

больше 8 лет назад

Koji 1.13.0 does not properly validate SCM paths, allowing an attacker to work around blacklisted paths for build submission.

CVE-2017-1002153

CVSS3: 7.5

debian

больше 8 лет назад

Koji 1.13.0 does not properly validate SCM paths, allowing an attacker ...

GHSA-vwp5-w4rq-g4cc

CVSS3: 7.5

github

больше 3 лет назад

Koji blacklisted paths workaround

EPSS

Процентиль: 55%

0.0032

Низкий

5 Medium

CVSS2

7.5 High

CVSS3