1 results (0.003 seconds)
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 1
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 1CVE-2019-11627
https://notcve.org/view.php?id=CVE-2019-11627
gpg-key2ps in signing-party 1.1.x and 2.x before 2.10-1 contains an unsafe shell call enabling shell injection via a User ID. gpg-key2ps en signing-party versión 1.1.x y 2.x anteriores a la 2.10-1 contiene una llamada de shell insegura que permite la inyección de shell a través de un ID de usuario. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00029.html https://bugs.debian.org/928256 https://lists.debian.org/debian-lts-announce/2019/05/msg00001.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •