14 lines
1.1 KiB
JSON
14 lines
1.1 KiB
JSON
{
|
|
"id": "openEuler-SA-2022-1771",
|
|
"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2022-1771",
|
|
"title": "An update for mc is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3 and openEuler-22.03-LTS",
|
|
"severity": "High",
|
|
"description": "GNU Midnight Commander is a visual file manager, licensed under GNU General Public License and therefore qualifies as Free Software. It's a feature rich full-screen text mode application that allows you to copy, move and delete files and whole directory trees, search for files and run commands in the subshell. Internal viewer and editor are included.\r\n\r\nSecurity Fix(es):\r\n\r\nAn issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user connects to the server without the ability to verify its authenticity.(CVE-2021-36370)",
|
|
"cves": [
|
|
{
|
|
"id": "CVE-2021-36370",
|
|
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36370",
|
|
"severity": "High"
|
|
}
|
|
]
|
|
} |