CVE-2017-1002157

modulemd 1.3.1 and earlier uses an unsafe function for processing externally provided data, leading to remote code execution.
References
Link Resource
https://pagure.io/modulemd/issue/55 Issue Tracking
Configurations

Configuration 1 (hide)

cpe:2.3:a:redhat:modulemd:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-01-10 21:29

Updated : 2024-02-04 20:03


NVD link : CVE-2017-1002157

Mitre link : CVE-2017-1002157

CVE.ORG link : CVE-2017-1002157


JSON object : View

Products Affected

redhat

  • modulemd
CWE
CWE-20

Improper Input Validation

CWE-242

Use of Inherently Dangerous Function