Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mageiaGentoo FoundationMGASA-2018-0445
HistoryNov 12, 2018 - 12:39 a.m.

Updated python-dulwich packages fix security vulnerability

2018-11-1200:39:12
Gentoo Foundation
advisories.mageia.org
22

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.004

Percentile

72.4%

JSON

Dulwich, when an SSH subprocess is used, allowed remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname (CVE-2017-16228).

OSVersionArchitecturePackageVersionFilename
Mageia6noarchpython-dulwich< 0.12.0-1.2python-dulwich-0.12.0-1.2.mga6

Related

nessus 5
suse 1
openvas 7
fedora 1
osv 4
debiancve 3
cve 3
nvd 3
veracode 1
ubuntucve 3
prion 3
redhatcve 2
cvelist 3
github 1
nessus
nessus
Fedora 27 : python-dulwich (2017-5dd9b12179)
2018-01-15 00:00:00
openSUSE Security Update : python-dulwich (openSUSE-2018-801)
2018-08-07 00:00:00
EulerOS 2.0 SP2 : bzr (EulerOS-SA-2021-1283)
2021-02-22 00:00:00
suse
suse
Security update for python-dulwich (moderate)
2018-08-06 15:16:15
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2018:2047-1)
2021-06-09 00:00:00
Fedora Update for python-dulwich FEDORA-2017-5dd9b12179
2017-12-16 00:00:00
Mageia: Security Advisory (MGASA-2018-0445)
2022-01-28 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: python-dulwich-0.18.6-1.fc27
2017-12-15 10:12:23
osv
osv
python310-dulwich-0.21.7-1.3 on GA media
2024-07-12 00:00:00
CVE-2017-16228
2017-10-29 20:29:00
PYSEC-2017-12
2017-10-29 20:29:00
debiancve
debiancve
CVE-2017-16228
2017-10-29 20:29:00
CVE-2017-14176
2017-11-27 10:29:00
CVE-2017-17459
2017-12-07 18:29:00
cve
cve
CVE-2017-16228
2017-10-29 20:29:00
CVE-2017-14176
2017-11-27 10:29:00
CVE-2017-17459
2017-12-07 18:29:00
nvd
nvd
CVE-2017-16228
2017-10-29 20:29:00
CVE-2017-14176
2017-11-27 10:29:00
CVE-2017-17459
2017-12-07 18:29:00
veracode
veracode
Arbitrary Command Execution
2017-10-30 00:47:04
ubuntucve
ubuntucve
CVE-2017-16228
2017-10-29 00:00:00
CVE-2017-14176
2017-09-05 00:00:00
CVE-2017-17459
2017-12-07 00:00:00
prion
prion
Design/Logic Flaw
2017-10-29 20:29:00
Design/Logic Flaw
2017-11-27 10:29:00
Design/Logic Flaw
2017-12-07 18:29:00
redhatcve
redhatcve
CVE-2017-16228
2017-11-03 14:19:26
CVE-2017-14176
2017-09-12 07:48:25
cvelist
cvelist
CVE-2017-16228
2017-10-29 20:00:00
CVE-2017-14176
2017-11-27 10:00:00
CVE-2017-17459
2017-12-07 18:00:00
github
github
Dulwich RCE Vulnerability
2022-05-13 01:44:04

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.004

Percentile

72.4%

JSON
Related for MGASA-2018-0445
nessus5suse1openvas7fedora1osv4debiancve3cve3nvd3veracode1ubuntucve3prion3redhatcve2cvelist3github1