Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:57 a.m.7 views

CVE-2018-7032

webcheckout in myrepos through 1.20171231 does not sanitize URLs that are passed to git clone, allowing a malicious website operator or a MitM attacker to take advantage of it for arbitrary code execution, as demonstrated by an "ext::sh -c" attack or an option injection attack...

7.5CVSS7.5AI score0.01822EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.16 views

Fedora 28 : myrepos (2018-f17daf1cd6)

Fixes for CVE-2018-7032 rhbz1383312, rhbz1383313 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

7.5CVSS7.2AI score0.01822EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/08/07 12:0 a.m.18 views

Fedora 27 : myrepos (2018-ee076d0530)

Fixes for CVE-2018-7032 rhbz1383312, rhbz1383313 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

7.5CVSS7.2AI score0.01822EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2018/08/07 12:0 a.m.14 views

Fedora Update for myrepos FEDORA-2018-f17daf1cd6

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.01822EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2018/08/07 12:0 a.m.15 views

Fedora Update for myrepos FEDORA-2018-ee076d0530

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.01822EPSS
Exploits1References2
NVD
NVD
added 2018/02/14 3:29 p.m.16 views

CVE-2018-7032

webcheckout in myrepos through 1.20171231 does not sanitize URLs that are passed to git clone, allowing a malicious website operator or a MitM attacker to take advantage of it for arbitrary code execution, as demonstrated by an "ext::sh -c" attack or an option injection attack...

7.5CVSS7.7AI score0.01822EPSS
Exploits1References1
OSV
OSV
added 2018/02/14 3:29 p.m.3 views

ALPINE-CVE-2018-7032

webcheckout in myrepos through 1.20171231 does not sanitize URLs that are passed to git clone, allowing a malicious website operator or a MitM attacker to take advantage of it for arbitrary code execution, as demonstrated by an "ext::sh -c" attack or an option injection attack...

7.5CVSS7.7AI score0.01822EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/02/14 3:0 p.m.29 views

CVE-2018-7032

webcheckout in myrepos through 1.20171231 does not sanitize URLs that are passed to git clone, allowing a malicious website operator or a MitM attacker to take advantage of it for arbitrary code execution, as demonstrated by an "ext::sh -c" attack or an option injection attack...

7.7AI score0.01822EPSS
Exploits1References1
CVE
CVE
added 2018/02/14 3:0 p.m.76 views

CVE-2018-7032

CVE-2018-7032 affects the myrepos package, specifically the webcheckout component used when cloning via git. The issue is that URLs passed to git clone are not sanitized, enabling a remote attacker or MitM to craft a URL that could lead to arbitrary code execution (e.g., via an ext::sh -c attack ...

7.5CVSS7.6AI score0.01822EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder