Spice-space - Spice-vdagent CVE

Filtered by vendor Spice-space Subscribe

Filtered by product Spice-vdagent

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-15108	1 Spice-space	1 Spice-vdagent	2021-01-13	4.6 MEDIUM	7.8 HIGH
spice-vdagent up to and including 0.17.0 does not properly escape save directory before passing to shell, allowing local attacker with access to the session the agent runs in to inject arbitrary commands to be executed.

Vulnerabilities (CVE)