EPSS
Percentile
70.4%
A shell command injection in the obs-service-source_validator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs.
bugzilla.suse.com/show_bug.cgi?id=938556
lists.opensuse.org/opensuse-security-announce/2017-12/msg00024.html
www.suse.com/de-de/security/cve/CVE-2017-9274/