CVE-2018-13043

Опубликовано: 01 июл. 2018

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 7.5

CVSS3: 9.8

Описание

scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.

Релиз	Статус	Примечание
artful	released	2.17.9ubuntu0.1
bionic	released	2.17.12ubuntu1.1
devel	released	2.18.3ubuntu2
esm-infra-legacy/trusty	not-affected	code not present
esm-infra/bionic	released	2.17.12ubuntu1.1
esm-infra/xenial	not-affected	code not present
precise/esm	not-affected	code not present
trusty	not-affected	code not present
trusty/esm	not-affected	code not present
upstream	needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 79%

0.01212

Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2018-13043

CVSS3: 9.8

nvd

больше 7 лет назад

scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.

CVE-2018-13043

CVSS3: 9.8

debian

больше 7 лет назад

scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows cod ...

GHSA-6229-3fh2-qhp3

CVSS3: 9.8

github

больше 3 лет назад

scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.

EPSS

Процентиль: 79%

0.01212

Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

CVE-2018-13043

Описание

Пакет devscripts

Ссылки на источники

Связанные уязвимости