This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Shadowsocks First view 2017-10-27
Product Shadowsocks-Libev Last view 2017-10-27
Version 2.4.5 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:shadowsocks:shadowsocks-libev

Activity : Overall

Related : CVE

  Date Alert Description
7.8 2017-10-27 CVE-2017-15924

In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related to the add_server, build_config, and construct_command_line functions.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...

Nessus® Vulnerability Scanner

id Description
2018-02-05 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_3746de310a1a11e883e7485b3931c969.nasl - Type: ACT_GATHER_INFO
2017-11-16 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2017-1274.nasl - Type: ACT_GATHER_INFO
2017-10-30 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4009.nasl - Type: ACT_GATHER_INFO