Описание
htags in GNU Global through 6.6.12 allows code execution in situations where dbpath (aka -d) is untrusted, because shell metacharacters may be used.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| global | fixed | 6.6.13-1 | package | |
| global | no-dsa | bookworm | package | |
| global | no-dsa | bullseye | package | |
| global | postponed | buster | package |
Примечания
https://lists.gnu.org/archive/html/bug-global/2024-05/msg00009.html
EPSS
Процентиль: 47%
0.00243
Низкий
Связанные уязвимости
CVSS3: 9.1
ubuntu
больше 1 года назад
htags in GNU Global through 6.6.12 allows code execution in situations where dbpath (aka -d) is untrusted, because shell metacharacters may be used.
CVSS3: 9.1
nvd
больше 1 года назад
htags in GNU Global through 6.6.12 allows code execution in situations where dbpath (aka -d) is untrusted, because shell metacharacters may be used.
CVSS3: 9.1
github
больше 1 года назад
htags in GNU Global through 6.6.12 allows code execution in situations where dbpath (aka -d) is untrusted, because shell metacharacters may be used.
EPSS
Процентиль: 47%
0.00243
Низкий