VDB
GCVE-110-MAGEIA-2017-336
GCVE-110-MAGEIA-2017-336
Advisory Published
Adam Collard discovered that Bazaar did not properly handle host names
in 'bzr+ssh://' URLs. A remote attacker could use this to construct
a bazaar repository URL that when accessed could run arbitrary code
with the privileges of the user.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | bzr | 0 (affected), 2.7.0-1.1.mga6 (unaffected) | — |
| Mageia | bzr | 0 (affected), 2.6.0-11.1.mga5 (unaffected) | — |
References
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.