CVE-2022-45145

Опубликовано: 10 дек. 2022

Источник: debian

EPSS Низкий

Описание

egg-compile.scm in CHICKEN 5.x before 5.3.1 allows arbitrary OS command execution during package installation via escape characters in a .egg file.

Пакет	Статус	Версия исправления	Релиз	Тип
chicken	not-affected			package

https://lists.gnu.org/archive/html/chicken-announce/2022-11/msg00000.html
https://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commitdiff;h=a08f8f548d772ef410c672ba33a27108d8d434f3;hp=9c6fb001c25de4390f46ffd7c3c94237f4df92a9

EPSS

Процентиль: 42%

0.00193

Низкий

CVE-2022-45145

CVSS3: 9.8

ubuntu

больше 2 лет назад

egg-compile.scm in CHICKEN 5.x before 5.3.1 allows arbitrary OS command execution during package installation via escape characters in a .egg file.

CVE-2022-45145

CVSS3: 9.8

nvd

больше 2 лет назад

egg-compile.scm in CHICKEN 5.x before 5.3.1 allows arbitrary OS command execution during package installation via escape characters in a .egg file.

GHSA-xvm4-qw2r-9jf6

CVSS3: 9.8

github

больше 2 лет назад

egg-compile.scm in CHICKEN 5.x before 5.3.1 allows arbitrary OS command execution during package installation via escape characters in a .egg file.

EPSS

Процентиль: 42%

0.00193

Низкий