Описание
Ohcount 3.0.0 is prone to a command injection via specially crafted filenames containing shell metacharacters, which can be exploited by an attacker (providing a source tree for Ohcount processing) to execute arbitrary code as the user running Ohcount.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 3.1.0-2 |
| cosmic | not-affected | 3.1.0-2 |
| devel | not-affected | 3.1.0-2 |
| disco | not-affected | 3.1.0-2 |
| eoan | not-affected | 3.1.0-2 |
| esm-apps/bionic | not-affected | 3.1.0-2 |
| esm-apps/focal | not-affected | 3.1.0-2 |
| esm-apps/jammy | not-affected | 3.1.0-2 |
| esm-apps/noble | not-affected | 3.1.0-2 |
Показывать по
EPSS
10 Critical
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
Ohcount 3.0.0 is prone to a command injection via specially crafted filenames containing shell metacharacters, which can be exploited by an attacker (providing a source tree for Ohcount processing) to execute arbitrary code as the user running Ohcount.
Ohcount 3.0.0 is prone to a command injection via specially crafted fi ...
Ohcount 3.0.0 is prone to a command injection via specially crafted filenames containing shell metacharacters, which can be exploited by an attacker (providing a source tree for Ohcount processing) to execute arbitrary code as the user running Ohcount.
Уязвимость программного средства для подсчета строк исходного кода Ohcount, связанная с отсутствием мер по очистке входных данных, позволяющая нарушителю выполнить произвольный код
EPSS
10 Critical
CVSS2
9.8 Critical
CVSS3