← back
CVE-2017-1002153

CVE-2017-1002153

EPSS 1.1%CWE-20
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
06 Oct 2017Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Koji 1.13.0 does not properly validate SCM paths, allowing an attacker to work around blacklisted paths for build submission.
Affected products
Koji Project · Koji