No analysis available yet.
No remediation available yet.
Tracking
Sign in to view the affected projects.
No advisories yet.
Thu, 02 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 02 Jul 2026 16:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
cvssV3_1
|
Thu, 02 Jul 2026 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A shellcode injection in the mercurial handler of the obs tar_scm source service before version 0.12.4 could be used by attackers able to provide a _service file to execute code as the source service or the local user checking out the malicious services | |
| Title | obs-service-tar_scm: command injection via mercurial handler | |
| Weaknesses | CWE-78 | |
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: suse
Published:
Updated: 2026-07-02T16:11:28.338Z
Reserved: 2026-06-18T09:26:55.988Z
Link: CVE-2026-56004
Updated: 2026-07-02T16:11:25.482Z
No data.
No data.
OpenCVE Enrichment
No data.
-
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')