Podatność CVE-2017-1000487

Podatność CVE-2017-1000487

Publikacja: 2018-01-03

Opis:

Typ:

(Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') )

Ogólna skala CVSS	Znaczenie	Łatwość wykorzystania
7.5/10	6.4/10	10/10

Affected software
Plexus-utils project -> Plexus-utils

https://access.redhat.com/errata/RHSA-2018:1322

https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41

https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html

https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html

https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522

https://www.debian.org/security/2018/dsa-4146

https://www.debian.org/security/2018/dsa-4149