CVE-2014-3856

Опубликовано: 28 янв. 2020

Источник: debian

EPSS Низкий

Описание

The funced function in fish (aka fish-shell) 1.23.0 before 2.1.1 does not properly create temporary files, which allows local users to gain privileges via a temporary file with a predictable name.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
fish	fixed	2.1.1-1		package
fish	no-dsa		squeeze	package
fish	no-dsa		wheezy	package

Примечания

https://github.com/fish-shell/fish-shell/issues/1437

EPSS

Процентиль: 30%

0.00109

Низкий

Связанные уязвимости

CVE-2014-3856

CVSS3: 7

ubuntu

около 6 лет назад

The funced function in fish (aka fish-shell) 1.23.0 before 2.1.1 does not properly create temporary files, which allows local users to gain privileges via a temporary file with a predictable name.

CVE-2014-3856

CVSS3: 7

nvd

около 6 лет назад

The funced function in fish (aka fish-shell) 1.23.0 before 2.1.1 does not properly create temporary files, which allows local users to gain privileges via a temporary file with a predictable name.

GHSA-mh78-c455-hh2q

github

больше 3 лет назад

The funced function in fish (aka fish-shell) 1.23.0 before 2.1.1 does not properly create temporary files, which allows local users to gain privileges via a temporary file with a predictable name.

openSUSE-SU-2019:2188-1

suse-cvrf

больше 6 лет назад

Security update for fish3

openSUSE-SU-2019:2177-1

suse-cvrf

больше 6 лет назад

Security update for fish3

EPSS

Процентиль: 30%

0.00109

Низкий