Описание
Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 0.18.5-1 |
| cosmic | not-affected | 0.18.5-1 |
| devel | not-affected | 0.18.5-1 |
| disco | not-affected | 0.18.5-1 |
| eoan | not-affected | 0.18.5-1 |
| esm-apps/bionic | not-affected | 0.18.5-1 |
| esm-apps/focal | not-affected | 0.18.5-1 |
| esm-apps/jammy | not-affected | 0.18.5-1 |
| esm-apps/noble | not-affected | 0.18.5-1 |
Показывать по
Ссылки на источники
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117.
Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117.
Dulwich before 0.18.5, when an SSH subprocess is used, allows remote a ...
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3