Btrbk before 0.31.2 allows command execution because of the mishandling of remote hosts filtering SSH commands using ssh_filter_btrbk.sh in authorized_keys. https://github.com/digint/btrbk/commit/58212de771c381cd4fa05625927080bf264e9584 https://github.com/digint/btrbk/blob/master/ChangeLog
Created btrbk tracking bugs for this issue: Affects: epel-7 [bug 1994990] Affects: fedora-all [bug 1994989]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.