{"id":"CVE-2017-9774","details":"Remote Code Execution was found in Horde_Image 2.x before 2.5.0 via a crafted GET request. Exploitation requires authentication.","modified":"2026-04-02T00:21:00.782285Z","published":"2017-06-21T18:29:00.357Z","references":[{"type":"ADVISORY","url":"https://lists.horde.org/archives/announce/2017/001234.html"},{"type":"ADVISORY","url":"https://www.debian.org/security/2018/dsa-4276"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/horde/image","events":[{"introduced":"0"},{"last_affected":"14f5fefec78a176ccbaa4b08bcb0cdb951ab0155"},{"introduced":"0"},{"last_affected":"c5883d87488fa88e57aad72c5f4531db604888ce"},{"introduced":"0"},{"last_affected":"4fde53e3d477389168a53adfb3cdbd5b6e2ce00f"},{"introduced":"0"},{"last_affected":"ebd52aa26ce90b149f127965016299aac9e943fb"},{"introduced":"0"},{"last_affected":"75eae6b5645d3c8aafc486434d9f63758dfa82c0"},{"introduced":"0"},{"last_affected":"a7690ec10055f5971279b4165dc7b2b18bba74ac"},{"introduced":"0"},{"last_affected":"f385841c94851f191f2f4ac275f818fc3689bd6f"},{"introduced":"0"},{"last_affected":"9783742083e8a5d30b7de6573f2fe325f22c992d"},{"introduced":"0"},{"last_affected":"d147ecb535a9e2014dd1372ae70e175b9edb583a"},{"introduced":"0"},{"last_affected":"85ef1c62edaefcd5c4fc35a4aae74e29c603e747"},{"introduced":"0"},{"last_affected":"85627628b2a0d53004535a4661c73e9b3e30b226"},{"introduced":"0"},{"last_affected":"efd964ce7893d68e98271f3851a2efbc44915e80"},{"introduced":"0"},{"last_affected":"7950460b6b98ff288d1cf391a228d21f762cecaa"},{"introduced":"0"},{"last_affected":"fafaed7c8c76acb416dcb6ab4b81a11301e5a153"},{"introduced":"0"},{"last_affected":"1f191a196aa98c9fd77828f89ab41e0fda94f3af"},{"introduced":"0"},{"last_affected":"0540a42c75537d2f17b93bd94567e792e395638f"},{"introduced":"0"},{"last_affected":"ddf14bd3018cd2ac440fb43ed419ccdd5a291f62"},{"introduced":"0"},{"last_affected":"89747700ab2d17b71cd57be028c5671d227ac703"},{"introduced":"0"},{"last_affected":"b37f7b9c5186ed04f75e323bf648a35615498d79"},{"introduced":"0"},{"last_affected":"f3a5e4c66f4c45e36f23eec186ed9773b891b361"},{"introduced":"0"},{"last_affected":"dca802cdc33e44998204fe0cd992f2eca42d93a6"},{"introduced":"0"},{"last_affected":"fbaf6caa9699ed423c9678ddb705144ac37f286e"},{"introduced":"0"},{"last_affected":"e4b2b3a7a51e61665e8baee0e93b8f723f94c70b"},{"introduced":"0"},{"last_affected":"7f85046c1413be7ebf89b93741e08d21964f4de8"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.0.0"},{"introduced":"0"},{"last_affected":"2.0.0-alpha1"},{"introduced":"0"},{"last_affected":"2.0.0-beta1"},{"introduced":"0"},{"last_affected":"2.0.0-beta2"},{"introduced":"0"},{"last_affected":"2.0.1"},{"introduced":"0"},{"last_affected":"2.0.2"},{"introduced":"0"},{"last_affected":"2.0.3"},{"introduced":"0"},{"last_affected":"2.0.4"},{"introduced":"0"},{"last_affected":"2.0.5"},{"introduced":"0"},{"last_affected":"2.0.6"},{"introduced":"0"},{"last_affected":"2.0.7"},{"introduced":"0"},{"last_affected":"2.0.8"},{"introduced":"0"},{"last_affected":"2.0.9"},{"introduced":"0"},{"last_affected":"2.1.0"},{"introduced":"0"},{"last_affected":"2.2.0"},{"introduced":"0"},{"last_affected":"2.3.0"},{"introduced":"0"},{"last_affected":"2.3.1"},{"introduced":"0"},{"last_affected":"2.3.2"},{"introduced":"0"},{"last_affected":"2.3.3"},{"introduced":"0"},{"last_affected":"2.3.4"},{"introduced":"0"},{"last_affected":"2.3.5"},{"introduced":"0"},{"last_affected":"2.3.6"},{"introduced":"0"},{"last_affected":"2.4.0"},{"introduced":"0"},{"last_affected":"2.4.1"}]}}],"versions":["v1.0.0","v1.0.0alpha1","v1.0.0beta1","v1.0.0rc1","v1.0.0rc2","v1.0.1","v1.0.10","v1.0.2","v1.0.3","v1.0.4","v1.0.5","v1.0.6","v1.0.7","v1.0.8","v1.0.9","v2.0.0alpha1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-9774.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}