Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-13259

Опубликовано: 05 сент. 2018
Источник: nvd
CVSS3: 9.8
CVSS2: 7.5
EPSS Низкий

Описание

An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
Конфигурация 2
cpe:2.3:a:zsh:zsh:*:*:*:*:*:*:*:*
Версия до 5.6 (исключая)

EPSS

Процентиль: 78%
0.01175
Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-20

Связанные уязвимости

ubuntu логотип

CVE-2018-13259

CVSS3: 9.8
ubuntu
больше 7 лет назад

An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one.

redhat логотип

CVE-2018-13259

CVSS3: 5.3
redhat
больше 7 лет назад

An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one.

debian логотип

CVE-2018-13259

CVSS3: 9.8
debian
больше 7 лет назад

An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 ...

github логотип

GHSA-8vj4-q4ww-8jf3

CVSS3: 9.8
github
больше 3 лет назад

An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one.

oracle-oval логотип

ELSA-2019-2017

oracle-oval
больше 6 лет назад

ELSA-2019-2017: zsh security and bug fix update (MODERATE)

EPSS

Процентиль: 78%
0.01175
Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-20