CVE-2014-3856

Опубликовано: 28 янв. 2020

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4.4

CVSS3: 7

Описание

The funced function in fish (aka fish-shell) 1.23.0 before 2.1.1 does not properly create temporary files, which allows local users to gain privileges via a temporary file with a predictable name.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected	2.1.1-1
cosmic	not-affected	2.1.1-1
devel	not-affected	2.1.1-1
disco	not-affected	2.1.1-1
esm-apps/bionic	not-affected	2.1.1-1
esm-apps/xenial	not-affected	2.1.1-1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was needed]
lucid	ignored	end of life
precise	ignored	end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 30%

0.00109

Низкий

4.4 Medium

CVSS2

7 High

CVSS3

Связанные уязвимости

CVE-2014-3856

CVSS3: 7

nvd

около 6 лет назад

The funced function in fish (aka fish-shell) 1.23.0 before 2.1.1 does not properly create temporary files, which allows local users to gain privileges via a temporary file with a predictable name.

CVE-2014-3856

CVSS3: 7

debian

около 6 лет назад

The funced function in fish (aka fish-shell) 1.23.0 before 2.1.1 does ...

GHSA-mh78-c455-hh2q

github

больше 3 лет назад

The funced function in fish (aka fish-shell) 1.23.0 before 2.1.1 does not properly create temporary files, which allows local users to gain privileges via a temporary file with a predictable name.

openSUSE-SU-2019:2188-1

suse-cvrf

больше 6 лет назад

Security update for fish3

openSUSE-SU-2019:2177-1

suse-cvrf

больше 6 лет назад

Security update for fish3

EPSS

Процентиль: 30%

0.00109

Низкий

4.4 Medium

CVSS2

7 High

CVSS3

CVE-2014-3856

Описание

Пакет fish

Ссылки на источники

Связанные уязвимости