CVE-2018-0502

Опубликовано: 05 сент. 2018

Источник: ubuntu

Приоритет: medium

CVSS2: 7.5

CVSS3: 9.8

Описание

An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line.

Релиз	Статус	Примечание
bionic	released	5.4.2-3ubuntu3.1
devel	released	5.5.1-1ubuntu2
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [5.0.2-3ubuntu6.3]]
esm-infra/bionic	released	5.4.2-3ubuntu3.1
esm-infra/xenial	released	5.1.1-1ubuntu2.3
precise/esm	DNE
trusty	released	5.0.2-3ubuntu6.3
trusty/esm	DNE	trusty was released [5.0.2-3ubuntu6.3]
upstream	released	5.6-1
xenial	released	5.1.1-1ubuntu2.3

Показывать по

Ссылки на источники

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2018-0502

CVSS3: 5.3

redhat

больше 7 лет назад

An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line.

CVE-2018-0502

CVSS3: 9.8

nvd

больше 7 лет назад

An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line.

CVE-2018-0502

CVSS3: 9.8

debian

больше 7 лет назад

An issue was discovered in zsh before 5.6. The beginning of a #! scrip ...

GHSA-m962-vg7f-29fx

CVSS3: 9.8

github

больше 3 лет назад

An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line.

BDU:2021-01451

CVSS3: 9.8

fstec

около 8 лет назад

Уязвимость обработчика скриптов командной оболочки UNIX Zsh, связанная с недостатком механизма проверки вводимых данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

7.5 High

CVSS2

9.8 Critical

CVSS3

CVE-2018-0502

Описание

Пакет zsh

Ссылки на источники

Связанные уязвимости