vulnerability
SUSE: CVE-2017-17531: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Dec 14, 2017 | Dec 27, 2017 | Apr 20, 2021 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Dec 14, 2017
Added
Dec 27, 2017
Modified
Apr 20, 2021
Description
gozilla.c in GNU GLOBAL 4.8.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
Solutions
suse-upgrade-globalsuse-upgrade-global-debuginfosuse-upgrade-global-debugsource
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.