Описание
gozilla.c in GNU GLOBAL 4.8.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 6.6.2-1 |
| cosmic | not-affected | 6.6.2-1 |
| devel | not-affected | 6.6.2-1 |
| disco | not-affected | 6.6.2-1 |
| eoan | not-affected | 6.6.2-1 |
| esm-apps/bionic | not-affected | 6.6.2-1 |
| esm-apps/focal | not-affected | 6.6.2-1 |
| esm-apps/jammy | not-affected | 6.6.2-1 |
| esm-apps/noble | not-affected | 6.6.2-1 |
Показывать по
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
gozilla.c in GNU GLOBAL 4.8.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
gozilla.c in GNU GLOBAL 4.8.6 does not validate strings before launchi ...
gozilla.c in GNU GLOBAL 4.8.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
6.8 Medium
CVSS2
8.8 High
CVSS3