Lucene search
GoogleOSV:CVE-2017-9274HistoryMar 01, 2018 - 8:29 p.m.
CVE-2017-9274
2018-03-0120:29:01
Google
osv.dev
2
0.003 Low
EPSS
Percentile
70.4%
A shell command injection in the obs-service-source_validator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs.
| CPE | Name | Operator | Version |
|---|---|---|---|
| obs-service-source_validator | eq | 0.8 |
Related
openvas
openvas
Fedora Update for osc-source_validator FEDORA-2018-903354c26c
2018-01-17 00:00:00
Fedora Update for osc FEDORA-2018-ac8aab1f7a
2018-01-17 00:00:00
Fedora Update for osc FEDORA-2018-903354c26c
2018-01-17 00:00:00
cvelist
cvelist
CVE-2017-9274 osc executes spec code during "osc commit"
2017-12-08 00:00:00
nessus
nessus
Fedora 27 : osc / osc-source_validator (2018-ac8aab1f7a)
2018-01-17 00:00:00
Fedora 26 : osc / osc-source_validator (2018-903354c26c)
2018-01-17 00:00:00
openSUSE Security Update : the OBS toolchain (openSUSE-2017-1360)
2017-12-14 00:00:00
cve
cve
CVE-2017-9274
2018-03-01 20:29:01
fedora
fedora
[SECURITY] Fedora 26 Update: osc-source_validator-0.10-1.fc26
2018-01-16 16:57:49
[SECURITY] Fedora 27 Update: osc-source_validator-0.10-1.fc27
2018-01-16 17:22:41
[SECURITY] Fedora 26 Update: osc-0.162.1-230.1.1.fc26
2018-01-16 16:57:49
prion
prion
Command injection
2018-03-01 20:29:00
ubuntucve
ubuntucve
CVE-2017-9274
2018-03-01 00:00:00
nvd
nvd
CVE-2017-9274
2018-03-01 20:29:01
debiancve
debiancve
CVE-2017-9274
2018-03-01 20:29:01
suse
suse
Security update for the OBS toolchain (important)
2017-12-09 12:08:35
Fixing security issues on OBS toolchain (important)
2018-01-11 15:06:50
Fixing security issues on OBS toolchain (important)
2017-12-08 18:18:37