{"id":"DSA-2503-1","summary":"bcfg2 - shell command injection","modified":"2026-03-09T01:23:33.557022Z","published":"2012-06-28T00:00:00Z","upstream":["CVE-2012-3366","DEBIAN-CVE-2012-3366"],"affected":[{"package":{"name":"bcfg2","ecosystem":"Debian:6.0","purl":"pkg:deb/debian/bcfg2?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.1-3+squeeze2"}]}],"versions":["1.0.1-3","1.0.1-3+squeeze1"],"database_specific":{"source":"https://storage.googleapis.com/debian-osv/dsa-osv/DSA-2503-1.json"}}],"schema_version":"1.7.3"}