VulnerableCode Vulnerability Details - VCID-cjkd-nkad-b7a8

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-cjkd-nkad-b7a8

Essentials
Severities (3)
References (3)
Severity details (3)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-cjkd-nkad-b7a8
Aliases	GHSA-67cx-rhhq-mfhq GMS-2019-111
Summary	Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in indico.
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (4)

CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-78	Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-77	Improper Neutralization of Special Elements used in a Command ('Command Injection')

System	Score	Found at
generic_textual	HIGH	https://github.com/advisories/GHSA-67cx-rhhq-mfhq
generic_textual	HIGH	https://github.com/indico/indico
generic_textual	HIGH	https://github.com/indico/indico/security/advisories/GHSA-67cx-rhhq-mfhq

Reference id	Reference type	URL
		https://github.com/indico/indico
GHSA-67cx-rhhq-mfhq		https://github.com/advisories/GHSA-67cx-rhhq-mfhq
GHSA-67cx-rhhq-mfhq		https://github.com/indico/indico/security/advisories/GHSA-67cx-rhhq-mfhq

No exploits are available.

No EPSS data available for this vulnerability.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-04T16:19:36.509696+00:00	GitLab Importer	Import	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/indico/GMS-2019-111.yml	38.6.0