4 matches found
Fedora 30 : pacman (2020-096fbcc91f)
Update to latest version. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...
CVE-2019-18182
The CVE-2019-18182 entry concerns pacman before 5.2. The vulnerability is a command-injection in download_with_xfercommand() in conf.c, exploitable when unsigned databases are used and a non-default XferCommand is enabled, with attacker-controlled database data. Impact is arbitrary command execut...
CVE-2019-18182
pacman before 5.2 is vulnerable to arbitrary command injection in conf.c in the downloadwithxfercommand function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable a non-default XferCommand and retrieve an attacker-controlled crafted databa...
[ASA-201910-13] pacman: arbitrary command execution
Arch Linux Security Advisory ASA-201910-13 ========================================== Severity: High Date : 2019-10-23 CVE-ID : CVE-2019-18182 CVE-2019-18183 Package : pacman Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-1049 Summary ======= The package...