← voltar
CVE-2021-40084

CVE-2021-40084

EPSS 2.7%
opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers (a program with the same specification) does not do that.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://bugs.debian.org/992058https://github.com/artix-linux/opensysusers/releases