shadowsocks-libev

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description A lightweight secured socks5 proxy for embedded devices and low end boxes
Version 3.2.3-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-474 3.1.0-2 3.1.1-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2017-15924 AVG-474 High No Arbitrary command execution
In manager.c in ss-manager in shadowsocks-libev before 3.1.1, improper parsing allows command injection via shell metacharacters in a JSON configuration...

Advisories

Date Advisory Group Severity Description
30 Nov 2017 ASA-201711-40 AVG-474 High arbitrary command execution