Lucene search
K

11 matches found

OSV
OSV
added 2014/10/25 9:55 p.m.13 views

CVE-2014-1927

The shellquote function in python-gnupg 0.3.5 does not properly quote strings, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "$" command-substitution sequences, a different vulnerability than CVE-2014-1928...

7.2AI score
Exploits0References7
UbuntuCve
UbuntuCve
added 2014/10/25 9:55 p.m.34 views

CVE-2014-1927

The shellquote function in python-gnupg 0.3.5 does not properly quote strings, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "$" command-substitution sequences, a different vulnerability than CVE-2014-1928...

7.5CVSS6.1AI score0.03388EPSS
Exploits2References2
CVE
CVE
added 2014/10/25 9:0 p.m.81 views

CVE-2014-1927

The CVE-2014-1927 entry concerns the shell_quote function in python-gnupg 0.3.5, which does not properly quote strings and can allow context-dependent attackers to execute arbitrary code via shell metacharacters. The documented vector examples reference using "$(" command-substitution sequences, ...

7.5CVSS7.3AI score0.03388EPSS
Exploits2References7Affected Software1
Cvelist
Cvelist
added 2014/10/25 9:0 p.m.54 views

CVE-2014-1927

The shellquote function in python-gnupg 0.3.5 does not properly quote strings, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "$" command-substitution sequences, a different vulnerability than CVE-2014-1928...

7.2AI score0.03388EPSS
Exploits2References7
Debian CVE
Debian CVE
added 2014/10/25 9:0 p.m.30 views

CVE-2014-1927

The shellquote function in python-gnupg 0.3.5 does not properly quote strings, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "$" command-substitution sequences, a different vulnerability than CVE-2014-1928...

7.5CVSS7.3AI score0.03388EPSS
Exploits2
securityvulns
securityvulns
added 2014/06/14 12:0 a.m.83 views

[SECURITY] [DSA 2946-1] python-gnupg security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2946-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 04, 2014 http://www.debian.org/security/faq -...

7.5CVSS1.8AI score0.03388EPSS
Exploits6
Debian
Debian
added 2014/06/04 4:55 p.m.34 views

[SECURITY] [DSA 2946-1] python-gnupg security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2946-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 04, 2014 http://www.debian.org/security/faq -...

7.5CVSS6.7AI score0.03388EPSS
Exploits6
OpenVAS
OpenVAS
added 2014/02/25 12:0 a.m.30 views

Fedora Update for python-gnupg FEDORA-2014-2103

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.4AI score0.03388EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2014/02/23 12:0 a.m.30 views

Fedora 19 : python-gnupg-0.3.6-1.fc19 (2014-2140)

fixes protection against shell injection from previous 0.3.5 release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

7.5CVSS5.4AI score0.03388EPSS
Exploits6References6
Tenable Nessus
Tenable Nessus
added 2014/02/23 12:0 a.m.32 views

Fedora 20 : python-gnupg-0.3.6-1.fc20 (2014-2103)

fixes protection against shell injection from previous 0.3.5 release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

7.5CVSS5.4AI score0.03388EPSS
Exploits6References6
seebug.org
seebug.org
added 2014/02/17 12:0 a.m.34 views

Python-gnupg远程命令执行漏洞(CVE-2014-1927)

BUGTRAQ ID: 65546 CVECAN ID: CVE-2014-1927 Python-gnupg是使用Python API的GNU隐私保护程序。 Python-gnupg 0.3.6之前版本在实现上存在远程命令执行漏洞,攻击者可利用此漏洞在受影响应用上下文中执行任意命令。 0 Google Python-gnupg 0.3.6 Google Python-gnupg 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: https://code.google.com/p/python-gnupg/...

7.5CVSS0.03388EPSS
Exploits2
Rows per page
Query Builder