First published: Wed Apr 16 2014(Updated: )
kiwi before 4.98.05, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in an image name.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
SUSE Studio Extension for System z | =1.2 | |
SUSE Studio Onsite | =1.2 | |
Suse Kiwi | <=4.98.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.