CVE-2017-1000009

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2017-1000009

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-1000009.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2017-1000009

Aliases

GHSA-q8cr-xphm-7gfv

Published

2017-07-17T13:18:16.187Z

Modified

2026-02-11T13:55:02.116576Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Akeneo PIM CE and EE <1.6.6, <1.5.15, <1.4.28 are vulnerable to shell injection in the mass edition, resulting in remote execution.

References

Affected packages

Git / github.com/akeneo/pim-community-dev

Affected ranges

Type: GIT
Repo: https://github.com/akeneo/pim-community-dev
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

f052fd7dda938fc4b31e4f66c4c9018d6d8c0abd

Affected versions

v1.*

v1.0.0

v1.0.0-ALPHA1

v1.0.0-ALPHA2

v1.0.0-ALPHA3

v1.0.0-ALPHA4

v1.0.0-BETA1

v1.0.0-BETA2

v1.0.0-BETA2-sprint24

v1.0.0-BETA2-sprint25

v1.0.0-BETA3

v1.0.0-BETA3-sprint27

v1.0.0-BETA3-sprint28

v1.0.0-BETA4

v1.0.0-BETA4-sprint30

v1.0.0-RC1

v1.0.0-RC1-sprint31

v1.0.0-sprint34

v1.0.1

v1.0.2

v1.0.3

v1.1.0

v1.1.0-RC1

v1.1.0-RC2

v1.1.0-RC3

v1.2.0

v1.2.0-BETA1

v1.2.0-BETA2

v1.2.0-RC1

v1.2.0-RC2

v1.2.0-RC3

v1.2.0-RC4

v1.2.1

v1.2.10

v1.2.11

v1.2.12

v1.2.13

v1.2.14

v1.2.15

v1.2.16

v1.2.17

v1.2.18

v1.2.19

v1.2.2

v1.2.20

v1.2.21

v1.2.22

v1.2.23

v1.2.24

v1.2.25

v1.2.26

v1.2.27

v1.2.28

v1.2.29

v1.2.3

v1.2.30

v1.2.31

v1.2.32

v1.2.33

v1.2.34

v1.2.35

v1.2.36

v1.2.37

v1.2.4

v1.2.5

v1.2.6

v1.2.7

v1.2.8

v1.2.9

v1.3.0

v1.3.0-BETA1

v1.3.0-RC1

v1.3.0-RC2

v1.3.0-RC3

v1.3.1

v1.3.10

v1.3.11

v1.3.12

v1.3.13

v1.3.14

v1.3.15

v1.3.16

v1.3.17

v1.3.18

v1.3.19

v1.3.2

v1.3.20

v1.3.21

v1.3.22

v1.3.23

v1.3.24

v1.3.25

v1.3.3

v1.3.4

v1.3.5

v1.3.6

v1.3.7

v1.3.8

v1.3.9

v1.4.0

v1.4.0-ALPHA1

v1.4.0-BETA1

v1.4.0-BETA2

v1.4.0-BETA3

v1.4.0-RC1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-1000009.json"