CVE-2012-4406: Improper Control of Generation of Code ('Code Injection')
(updated )
CVE-2012-4406 Openstack-Swift: insecure use of python pickle()
References
- lists.fedoraproject.org/pipermail/package-announce/2012-October/089472.html
- rhn.redhat.com/errata/RHSA-2012-1379.html
- rhn.redhat.com/errata/RHSA-2013-0691.html
- www.openwall.com/lists/oss-security/2012/09/05/16
- www.openwall.com/lists/oss-security/2012/09/05/4
- access.redhat.com/errata/RHSA-2012:1379
- access.redhat.com/errata/RHSA-2013:0691
- access.redhat.com/security/cve/CVE-2012-4406
- bugs.launchpad.net/swift/+bug/1006414
- bugzilla.redhat.com/show_bug.cgi?id=854757
- exchange.xforce.ibmcloud.com/vulnerabilities/79140
- github.com/advisories/GHSA-v7mh-3jgf-r26c
- github.com/openstack/swift/commit/e1ff51c04554d51616d2845f92ab726cb0e5831a
- launchpad.net/swift/+milestone/1.7.0
- nvd.nist.gov/vuln/detail/CVE-2012-4406
- web.archive.org/web/20130629092623/http://www.securityfocus.com/bid/55420
Detect and mitigate CVE-2012-4406 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →