This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
Detail | |||
---|---|---|---|
Vendor | Shadowsocks | First view | 2017-10-27 |
Product | Shadowsocks-Libev | Last view | 2017-10-27 |
Version | 2.4.5 | Type | Application |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:a:shadowsocks:shadowsocks-libev |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.8 | 2017-10-27 | CVE-2017-15924 | In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related to the add_server, build_config, and construct_command_line functions. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
100% (1) | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('O... |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2018-02-05 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_3746de310a1a11e883e7485b3931c969.nasl - Type: ACT_GATHER_INFO |
2017-11-16 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2017-1274.nasl - Type: ACT_GATHER_INFO |
2017-10-30 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4009.nasl - Type: ACT_GATHER_INFO |