VYPR

opensysusers

by Opensysusers

CVEs (1)

  • CVE-2021-40084CriAug 25, 2021
    risk 0.64cvss 9.8epss 0.03

    opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers (a program with the same specification) does not do that.