CVE-2017-9274

Опубликовано: 01 мар. 2018

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 9.3

CVSS3: 7.8

Описание

A shell command injection in the obs-service-source_validator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected	0.162.1-1
cosmic	not-affected	0.162.1-1
devel	not-affected	0.162.1-1
disco	not-affected	0.162.1-1
eoan	not-affected	0.162.1-1
esm-apps/bionic	not-affected	0.162.1-1
esm-apps/focal	not-affected	0.162.1-1
esm-apps/jammy	not-affected	0.162.1-1
esm-apps/noble	not-affected	0.162.1-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 64%

0.00474

Низкий

9.3 Critical

CVSS2

7.8 High

CVSS3

Связанные уязвимости

CVE-2017-9274

CVSS3: 7.8

nvd

почти 8 лет назад

A shell command injection in the obs-service-source_validator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs.

CVE-2017-9274

CVSS3: 7.8

debian

почти 8 лет назад

A shell command injection in the obs-service-source_validator before 0 ...

GHSA-rmgp-j5rm-7ghv

CVSS3: 7.8

github

больше 3 лет назад

A shell command injection in the obs-service-source_validator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs.

openSUSE-SU-2017:3259-1

suse-cvrf

около 8 лет назад

Security update for the OBS toolchain

SUSE-SU-2018:0065-1

suse-cvrf

около 8 лет назад

Fixing security issues on OBS toolchain

EPSS

Процентиль: 64%

0.00474

Низкий

9.3 Critical

CVSS2

7.8 High

CVSS3

CVE-2017-9274

Описание

Пакет osc

Ссылки на источники

Связанные уязвимости