ID CVE-2017-1002157
Summary modulemd 1.3.1 and earlier uses an unsafe function for processing externally provided data, leading to remote code execution.
References
Vulnerable Configurations
CVSS
Base: None
Impact:
Exploitability:
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-8258F76154.NASL
    description This update fixes CVE-2017-1002157 -- possible arbitrary code execution when loading multiple documents with `load_all` / `loads_all`. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2017-11-07
    plugin id 104417
    published 2017-11-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=104417
    title Fedora 25 : modulemd (2017-8258f76154)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-CC316727F5.NASL
    description This update fixes CVE-2017-1002157 -- possible arbitrary code execution when loading multiple documents with `load_all` / `loads_all`. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-01-15
    plugin id 105978
    published 2018-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105978
    title Fedora 27 : modulemd (2017-cc316727f5)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-94A173C491.NASL
    description This update fixes CVE-2017-1002157 -- possible arbitrary code execution when loading multiple documents with `load_all` / `loads_all`. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2017-11-07
    plugin id 104418
    published 2017-11-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=104418
    title Fedora 26 : modulemd (2017-94a173c491)
refmap via4
confirm https://pagure.io/modulemd/issue/55
Last major update 10-01-2019 - 16:29
Published 10-01-2019 - 16:29
Last modified 10-01-2019 - 16:29
Back to Top