Distrobox before 1.7.0.1 allows attackers to execute arbitrary code via command injection into exported executables.
References
| Link | Resource |
|---|---|
| https://github.com/89luca89/distrobox/commit/82a69f0a234e73e447d0ea8c8b3443b84fd31944 | Patch |
| https://github.com/89luca89/distrobox/issues/1275 | Exploit Issue Tracking Patch |
| https://github.com/89luca89/distrobox/commit/82a69f0a234e73e447d0ea8c8b3443b84fd31944 | Patch |
| https://github.com/89luca89/distrobox/issues/1275 | Exploit Issue Tracking Patch |
Configurations
History
17 Jun 2025, 13:50
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://github.com/89luca89/distrobox/commit/82a69f0a234e73e447d0ea8c8b3443b84fd31944 - Patch | |
| References | () https://github.com/89luca89/distrobox/issues/1275 - Exploit, Issue Tracking, Patch | |
| First Time |
89luca89
89luca89 distrobox |
|
| CPE | cpe:2.3:a:89luca89:distrobox:*:*:*:*:*:*:*:* |
21 Nov 2024, 09:08
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://github.com/89luca89/distrobox/commit/82a69f0a234e73e447d0ea8c8b3443b84fd31944 - | |
| References | () https://github.com/89luca89/distrobox/issues/1275 - |
04 Sep 2024, 18:35
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-77 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
21 Mar 2024, 04:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-03-21 04:15
Updated : 2025-06-17 13:50
NVD link : CVE-2024-29864
Mitre link : CVE-2024-29864
CVE.ORG link : CVE-2024-29864
JSON object : View
Products Affected
89luca89
- distrobox
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')