Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-31249

A Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in wrangler of SUSE Rancher allows remote attackers to inject commands in the underlying host via crafted commands passed to Wrangler. This issue affects: SUSE Rancher wrangler version 0.7.3 and prior versions; wrangler version 0.8.4 and prior versions; wrangler version 1.0.0 and prior versions.

Published

2023-02-07T13:15:09.537

Last Modified

2024-11-21T07:04:13.170

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Primary
CWE-78

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	suse	wrangler	< 0.7.4	Yes
Application	suse	wrangler	< 0.8.5	Yes
Application	suse	wrangler	1.0.0	Yes

References

https://bugzilla.suse.com/show_bug.cgi?id=1200299 Issue Tracking ([email protected])
https://bugzilla.suse.com/show_bug.cgi?id=1200299 Issue Tracking (af854a3a-2127-422b-91ae-364da2661108)