Описание
The psub function in fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly create temporary files, which allows local users to execute arbitrary commands via a temporary file with a predictable name.
Ссылки
- Mailing ListThird Party Advisory
- Third Party Advisory
- Release Notes
- Mailing ListThird Party Advisory
- Third Party Advisory
- Release Notes
Уязвимые конфигурации
Конфигурация 1Версия от 1.16.0 (включая) до 2.1.1 (исключая)
cpe:2.3:a:fishshell:fish:*:*:*:*:*:*:*:*
EPSS
Процентиль: 30%
0.0011
Низкий
7 High
CVSS3
4.4 Medium
CVSS2
Дефекты
CWE-362
Связанные уязвимости
CVSS3: 7
ubuntu
около 6 лет назад
The psub function in fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly create temporary files, which allows local users to execute arbitrary commands via a temporary file with a predictable name.
CVSS3: 7
debian
около 6 лет назад
The psub function in fish (aka fish-shell) 1.16.0 before 2.1.1 does no ...
github
больше 3 лет назад
The psub function in fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly create temporary files, which allows local users to execute arbitrary commands via a temporary file with a predictable name.
EPSS
Процентиль: 30%
0.0011
Низкий
7 High
CVSS3
4.4 Medium
CVSS2
Дефекты
CWE-362