Описание
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
Отчет
Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Дополнительная информация
Статус:
EPSS
Связанные уязвимости
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which ...
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
EPSS