Lucene search
Veracode Vulnerability DatabaseVERACODE:39819HistoryMar 18, 2023 - 1:15 a.m.
Command Injection
2023-03-1801:15:45
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
1
command injection
update.c
attacker manipulation
os command injection
liferea
liferea is vulnerable to Command Injection. The vulnerability exists in the update_job_run function of update.c, which allows an attacker to manipulate of the argument source with the input |date >/tmp/bad-item-link.txt leads to os command injection
| CPE | Name | Operator | Version |
|---|---|---|---|
| liferea:sid | eq | 1.13.3-1 | |
| liferea:sid | eq | 1.13.6-2 | |
| liferea:sid | eq | 1.13.3-1 | |
| liferea:sid | eq | 1.13.6-2 |
Related
nessus
nessus
Fedora 38 : liferea (2023-5a91738e22)
2023-03-22 00:00:00
openSUSE 15 Security Update : liferea (openSUSE-SU-2023:0096-1)
2023-04-28 00:00:00
Fedora 36 : liferea (2023-f0ee64e7ec)
2023-03-23 00:00:00
nvd
nvd
CVE-2023-1350
2023-03-11 09:15:10
cvelist
cvelist
osv
osv
CVE-2023-1350
2023-03-11 09:15:10
openvas
openvas
Fedora: Security Advisory for liferea (FEDORA-2023-5a91738e22)
2023-03-23 00:00:00
Fedora: Security Advisory for liferea (FEDORA-2023-f0ee64e7ec)
2023-03-23 00:00:00
Fedora: Security Advisory for liferea (FEDORA-2023-1ba7a77530)
2023-03-23 00:00:00
prion
prion
Command injection
2023-03-11 09:15:00
mageia
mageia
Updated liferea packages fix security vulnerability
2023-03-19 01:16:28
gentoo
gentoo
Liferea: Remote Code Execution
2024-07-01 00:00:00
cve
cve
CVE-2023-1350
2023-03-11 09:15:10
fedora
fedora
[SECURITY] Fedora 37 Update: liferea-1.14.1-1.fc37
2023-03-23 01:33:45
[SECURITY] Fedora 38 Update: liferea-1.14.1-1.fc38
2023-03-23 00:18:19
[SECURITY] Fedora 36 Update: liferea-1.14.1-1.fc36
2023-03-23 01:24:00
ubuntucve
ubuntucve
CVE-2023-1350
2023-03-11 00:00:00
debiancve
debiancve
CVE-2023-1350
2023-03-11 09:15:10