Lucene search
PRIOn knowledge basePRION:CVE-2023-1350HistoryMar 11, 2023 - 9:15 a.m.
Command injection
2023-03-1109:15:00
PRIOn knowledge base
www.prio-n.com
3
liferea
command injection
critical vulnerability
feed enrichment
os command injection
remote attack
patch
vdb-222848
A vulnerability was found in liferea. It has been rated as critical. Affected by this issue is the function update_job_run of the file src/update.c of the component Feed Enrichment. The manipulation of the argument source with the input |date >/tmp/bad-item-link.txt leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 8d8b5b963fa64c7a2122d1bbfbb0bed46e813e59. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-222848.
Related
nessus
nessus
Fedora 38 : liferea (2023-5a91738e22)
2023-03-22 00:00:00
Fedora 36 : liferea (2023-f0ee64e7ec)
2023-03-23 00:00:00
Fedora 37 : liferea (2023-1ba7a77530)
2023-03-23 00:00:00
ubuntucve
ubuntucve
CVE-2023-1350
2023-03-11 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: liferea-1.14.1-1.fc37
2023-03-23 01:33:45
[SECURITY] Fedora 38 Update: liferea-1.14.1-1.fc38
2023-03-23 00:18:19
[SECURITY] Fedora 36 Update: liferea-1.14.1-1.fc36
2023-03-23 01:24:00
openvas
openvas
Fedora: Security Advisory for liferea (FEDORA-2023-1ba7a77530)
2023-03-23 00:00:00
Fedora: Security Advisory for liferea (FEDORA-2023-f0ee64e7ec)
2023-03-23 00:00:00
Mageia: Security Advisory (MGASA-2023-0103)
2023-03-28 00:00:00
cvelist
cvelist
nvd
nvd
CVE-2023-1350
2023-03-11 09:15:10
cve
cve
CVE-2023-1350
2023-03-11 09:15:10
mageia
mageia
Updated liferea packages fix security vulnerability
2023-03-19 01:16:28
veracode
veracode
Command Injection
2023-03-18 01:15:45
osv
osv
CVE-2023-1350
2023-03-11 09:15:10
debiancve
debiancve
CVE-2023-1350
2023-03-11 09:15:10