High severity7.5NVD Advisory· Published Jun 16, 2017· Updated Jun 17, 2026
CVE-2017-9731
CVE-2017-9731
Description
In meta/classes/package_ipk.bbclass in Poky in poky-pyro 17.0.0 for Yocto Project through YP Core - Pyro 2.3, attackers can obtain sensitive information by reading a URL in a Source entry in an ipk package.
Affected products
2- cpe:2.3:a:yocto_project:yp_core-pyro:2.3:*:*:*:*:*:*:*
- Range: <= YP Core - Pyro 2.3
Patches
Vulnerability mechanics
References
1- git.yoctoproject.org/cgit/cgit.cgi/poky/patch/nvdMailing ListPatchThird Party Advisory
News mentions
0No linked articles in our index yet.