Описание
An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow for command injection if untrusted input can reach it, because popen is used.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| cosmic | ignored | end of life |
| devel | not-affected | 1.2.1-1 |
| disco | not-affected | 1.2.1-1 |
| eoan | not-affected | 1.2.1-1 |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | not-affected | 1.2.1-1 |
| esm-apps/jammy | not-affected | 1.2.1-1 |
| esm-apps/noble | not-affected | 1.2.1-1 |
| esm-apps/xenial | needs-triage |
Показывать по
EPSS
4.6 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow for command injection if untrusted input can reach it, because popen is used.
An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow for command injection if untrusted input can reach it, because popen is used.
An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() i ...
An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow for command injection if untrusted input can reach it, because popen is used.
EPSS
4.6 Medium
CVSS2
7.8 High
CVSS3