CVE-2017-1002153

CVE-2017-1002153

Vendor Koji Project
Product Koji
Weakness CWE-20 · Input validation
Published October 6, 2017
Last update September 16, 2024
View on NVD All CVEs

CVSS base score

What the vulnerability does

01Description

Koji 1.13.0 does not properly validate SCM paths, allowing an attacker to work around blacklisted paths for build submission.

Key dates

02Disclosure timeline

October 6, 2017 CVE published
September 16, 2024 Record updated