Gentoo Linux Security Advisory 201709-17 - A command injection vulnerability in CVS may allow remote attackers to execute arbitrary code. Versions less than 1.12.12-r12 are affected.
78f216f749a83a59358d93b2407ec3478ef2da3649ff8b7511fbd25def623d28Ubuntu Security Notice 3399-1 - Hank Leininger discovered that cvs did not properly handle SSH for remote repositories. A remote attacker could use this to construct a cvs repository that when accessed could run arbitrary code with the privileges of the user.
e23e4f58ae7a4fb2abde5c65507b1ea997de4d014bc53813f98e38b53a87c713
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed