Home Original page

shadowsocks-libev - Arch Linux

Resolved

Group Affected Fixed Severity Status Ticket
AVG-474 3.1.0-2 3.1.1-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2017-15924 AVG-474 High No Arbitrary command execution 
In manager.c in ss-manager in shadowsocks-libev before 3.1.1, improper parsing allows command injection via shell metacharacters in a JSON configuration...

Advisories

Date Advisory Group Severity Description
30 Nov 2017 ASA-201711-40 AVG-474 High arbitrary command execution