CVE-2014-0593— sed command injection
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2014-0593
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
sed command injection
Source: NVD (National Vulnerability Database)
Vulnerability Description
The set_version script as shipped with obs-service-set_version is a source validator for the Open Build Service (OBS). In versions prior to 0.5.3-1.1 this script did not properly sanitize the input provided by the user, allowing for code execution on the executing server.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Source: NVD (National Vulnerability Database)
Vulnerability Title
obs-service-set_version 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
obs-service-set_version是一个使用在Open Build Service(OBS)中的代码源验证器。 obs-service-set_version 0.5.3-1.1之前版中的set_version脚本存在安全漏洞,该漏洞源于程序没有正确的过滤用户提交的输入。攻击者可利用该漏洞执行代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| openSUSE | obs-service-set_version | unspecified ~ 0.5.3-1.1 | - |
II. Public POCs for CVE-2014-0593
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2014-0593
Please Login to view more intelligence information
- https://www.suse.com/de-de/security/cve/CVE-2014-0593/x_refsource_CONFIRM
- https://bugzilla.suse.com/show_bug.cgi?id=866966x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2014-0593
Same Patch Batch · openSUSE · 2018-06-08 · 3 CVEs total
| CVE-2013-3703 | No write permission check in change_role command | |
| CVE-2014-0594 | CSRF protection incorrectly disabled |
IV. Related Vulnerabilities
Same vendor: openSUSE
Same weakness: CWE-78
- CVE-2026-42454
Termix: OS Command Injection in Docker Container Management - CVE-2026-44656
Vim: OS Command Injection via 'path' completion - CVE-2026-42307
Vim: OS Command Injection in netrw - CVE-2026-41497
Incomplete fix for CVE-2026-34935: Command Injection in Merv - CVE-2022-50994
DrayTek Vigor 2960 < 1.5.1.4 OS Command Injection via mainfu
V. Comments for CVE-2014-0593
No comments yet