HIGH 8.8 PyPI
GHSA-jjxg-hpm7-g95f · CVE-2017-14176, PYSEC-2017-149 Bazaar allows remote attackers to execute arbitrary commands via a bzr+ssh URL with initial dash character in hostname
Modified: 5/29/2026
package
PyPI / bzr
pkg:pypi/bzr
HIGH 8.8 PyPI
PYSEC-2017-149 · CVE-2017-14176, GHSA-jjxg-hpm7-g95f Modified: 5/29/2026