1
Candidate: CVE-2017-5944
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5944
6
The dashboard subscription interface in Request Tracker (RT) 4.x before
7
4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 might allow remote
8
authenticated users with certain privileges to execute arbitrary code via a
9
crafted saved search name.
17
Patches_request-tracker4:
18
upstream_request-tracker4: released (4.4.1-4)
19
precise/esm_request-tracker4: DNE
20
trusty_request-tracker4: needs-triage
21
vivid/ubuntu-core_request-tracker4: DNE
22
xenial_request-tracker4: needs-triage
23
yakkety_request-tracker4: ignored (reached end-of-life)
24
zesty_request-tracker4: released (4.4.1-3+deb9u2build0.17.04.1)
25
artful_request-tracker4: not-affected (4.4.1-4)
26
bionic_request-tracker4: not-affected (4.4.1-4)
27
devel_request-tracker4: not-affected (4.4.1-4)