Unrated severityOSV Advisory· Published Jun 19, 2018· Updated Aug 5, 2024
CVE-2018-12562
CVE-2018-12562
Description
An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. The wrapper script 'mount.cifs.wrapper' uses the shell to forward the arguments to the actual mount.cifs binary. The shell evaluates wildcards (such as in an injected string:/home/../tmp/* string).
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.openwall.com/lists/oss-security/2018/06/18/1mitrex_refsource_MISC
- github.com/CDrummond/cantata/commit/afc4f8315d3e96574925fb530a7004cc9e6ce3d3mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.