MGASA-2020-0470 - Updated erlang-rebar3 package fixes security vulnerability Publication date: 25 Dec 2020 URL: https://advisories.mageia.org/MGASA-2020-0470.html Type: security Affected Mageia releases: 7 CVE: CVE-2020-13802 Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification (CVE-2020-13802). References: - https://bugs.mageia.org/show_bug.cgi?id=27511 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13802 SRPMS: - 7/core/erlang-rebar3-3.9.0-1.1.mga7
Mageia 2020-0470: erlang-rebar3 security update
Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification (CVE-2020-13802)
Summary
CVE: CVE-2020-13802
Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection
via URL parameter of dependency specification (CVE-2020-13802).
Resolution
MGASA-2020-0470 - Updated erlang-rebar3 package fixes security vulnerability
References
- https://bugs.mageia.org/show_bug.cgi?id=27511
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13802
Severity
Issued Date: 25 Dec 2020
URL: https://advisories.mageia.org/MGASA-2020-0470.html
Type: security
Affected Mageia releases: 7
News
HOWTOs
Features
Secure Linux Hosting for Businesses
What Is Threat Intelligence?
CloudLinux Simplifies & Enhances Linux Security with its TuxCare Unified Enterprise Support Services
LinuxSecurity, Leading Provider of Linux Security News and Information, Unveils its New Website
Biden’s New Executive Cybersecurity Order Highlights the Power of Open-Source Security
About Us
Powered By
