Security Advisory

CVE-2017-12836

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-08-24 14:00:00

Last updated 2024-08-05 18:51:06

Assigner mitre

State PUBLISHED

Description

CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."

← Browse all CVEs View on cve.org ↗