CVE-2014-0479

EPSS 0.68%

reportbug - security update

Published: 8/6/2014Modified: 3/9/2026

Also known as:DSA-2997-1DEBIAN-CVE-2014-0479

Description

reportbug before 6.4.4+deb7u1 and 6.5.x before 6.5.0+nmu1 allows remote attackers to execute arbitrary commands via vectors related to compare_versions and reportbug/checkversions.py.

Affected packages (3)

Debian/reportbugfrom 0, < 6.5.0+nmu1
Debian/reportbugfrom 0, < 4.12.6+deb6u1
Debian/reportbugfrom 0, < 6.4.4+deb7u1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-0479