| Max CVSS | 7.5 | Min CVSS | 4.4 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-1927 | 7.5 |
The shell_quote function in python-gnupg 0.3.5 does not properly quote strings, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "$(" command-substitution sequen
|
29-10-2014 - 01:22 | 25-10-2014 - 21:55 | |
| CVE-2014-1929 | 4.4 |
python-gnupg 0.3.5 and 0.3.6 allows context-dependent attackers to have an unspecified impact via vectors related to "option injection through positional arguments." NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7323.
|
27-10-2014 - 19:38 | 25-10-2014 - 21:55 | |
| CVE-2014-1928 | 4.6 |
The shell_quote function in python-gnupg 0.3.5 does not properly escape characters, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "\" (backslash) characters t
|
27-10-2014 - 19:24 | 25-10-2014 - 21:55 | |
| CVE-2013-7323 | 7.5 |
python-gnupg before 0.3.5 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in unspecified vectors. Per: http://cwe.mitre.org/data/definitions/77.html
"CWE-77: Improper Neutralization of Special Elements used
|
24-06-2014 - 14:59 | 09-06-2014 - 19:55 |