CVE-2015-5705

Опубликовано: 06 сент. 2017

Источник: debian

EPSS Низкий

Описание

Argument injection vulnerability in devscripts before 2.15.7 allows remote attackers to write to arbitrary files via a crafted symlink and crafted filename.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
devscripts	fixed	2.15.8		package
devscripts	not-affected		jessie	package
devscripts	not-affected		wheezy	package
devscripts	not-affected		squeeze	package

Примечания

Introduced in https://anonscm.debian.org/cgit/collab-maint/devscripts.git/commit/?id=025ad4ea8ba92d32bd698a83149f782c17f78bf0 (v2.15.5)

EPSS

Процентиль: 74%

0.00829

Низкий

Связанные уязвимости

CVE-2015-5705

CVSS3: 7.5

ubuntu

больше 8 лет назад

Argument injection vulnerability in devscripts before 2.15.7 allows remote attackers to write to arbitrary files via a crafted symlink and crafted filename.

CVE-2015-5705

CVSS3: 7.5

nvd

больше 8 лет назад

Argument injection vulnerability in devscripts before 2.15.7 allows remote attackers to write to arbitrary files via a crafted symlink and crafted filename.

GHSA-qhpv-f2h3-4mh8

CVSS3: 7.5

github

больше 3 лет назад

Argument injection vulnerability in devscripts before 2.15.7 allows remote attackers to write to arbitrary files via a crafted symlink and crafted filename.

EPSS

Процентиль: 74%

0.00829

Низкий