VDB

GCVE-110-MAGEIA-2017-436

GCVE-110-MAGEIA-2017-436
Advisory Published
Vulnetix · Advisory published December 1, 2017
In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related to the add_server, build_config, and construct_command_line functions

Affected Products

VendorProductVersionsPlatforms
Mageiashadowsocks-libev0 (affected), 3.1.0-1.mga6 (unaffected)

Browse GCVE Records

72,148 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›