CVE-2018-12561 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	No
Type	Access restriction bypass
Description	An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. A regular user can inject additional mount options such as file_mode= by manipulating (for example) the domain parameter of the samba URL.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-721	cantata	2.3.1-1	2.3.1-2	High	Fixed

Date	Advisory	Group	Package	Severity	Type
20 Jun 2018	ASA-201806-12	AVG-721	cantata	High	multiple issues

References
http://www.openwall.com/lists/oss-security/2018/06/18/1 https://github.com/CDrummond/cantata/commit/afc4f8315d3e96574925fb530a7004cc9e6ce3d3