CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
Percentile
58.6%
osc before 0.134 might allow remote OBS repository servers or package maintainers to execute arbitrary commands via a crafted (1) build log or (2) build status that contains an escape sequence for a terminal emulator.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | osc | < 0.134.0-1 | osc_0.134.0-1_all.deb |
Debian | 11 | all | osc | < 0.134.0-1 | osc_0.134.0-1_all.deb |
Debian | 999 | all | osc | < 0.134.0-1 | osc_0.134.0-1_all.deb |
Debian | 13 | all | osc | < 0.134.0-1 | osc_0.134.0-1_all.deb |