Описание
An issue exists in uscan in devscripts before 2.13.19, which could let a remote malicious user execute arbitrary code via a crafted tarball.
Ссылки
- Mailing ListThird Party Advisory
- Issue TrackingThird Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Issue TrackingThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.13.19 (исключая)
cpe:2.3:a:debian:devscripts:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
EPSS
Процентиль: 67%
0.00541
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 8.8
ubuntu
около 6 лет назад
An issue exists in uscan in devscripts before 2.13.19, which could let a remote malicious user execute arbitrary code via a crafted tarball.
CVSS3: 8.8
debian
около 6 лет назад
An issue exists in uscan in devscripts before 2.13.19, which could let ...
github
почти 4 года назад
An issue exists in uscan in devscripts before 2.13.19, which could let a remote malicious user execute arbitrary code via a crafted tarball.
EPSS
Процентиль: 67%
0.00541
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo