Описание
Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item that includes shell code in its title and/or URL.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 2.9-6 |
| bionic | not-affected | 2.9-6 |
| cosmic | not-affected | 2.9-6 |
| devel | DNE | |
| disco | not-affected | 2.9-6 |
| eoan | DNE | |
| esm-apps/bionic | not-affected | 2.9-6 |
| esm-apps/xenial | released | 2.9-3ubuntu0.1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| esm-infra/focal | DNE |
Показывать по
9.3 Critical
CVSS2
8.8 High
CVSS3
Связанные уязвимости
Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item that includes shell code in its title and/or URL.
Improper Neutralization of Special Elements used in an OS Command in b ...
Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item that includes shell code in its title and/or URL.
Уязвимость функции установки закладки консольной программы Newsbeuter версии от 0.7 до 2.9 операционной системы Debian GNU/Linux, позволяющая нарушителю внедрить код
9.3 Critical
CVSS2
8.8 High
CVSS3