Описание
debmany in debian-goodies 0.88.1 allows attackers to execute arbitrary shell commands (because of an eval call) via a crafted .deb file. (The path is shown to the user before execution.)
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | not-affected | 0.88.2ubuntu1 |
| esm-infra-legacy/trusty | needs-triage | |
| esm-infra/bionic | needs-triage | |
| esm-infra/focal | released | 0.84ubuntu0.1 |
| esm-infra/xenial | needs-triage | |
| focal | released | 0.84ubuntu0.1 |
| jammy | released | 0.87ubuntu1.1 |
| kinetic | ignored | end of life, was needs-triage |
| lunar | ignored | end of life, was needs-triage |
Показывать по
7.8 High
CVSS3
Связанные уязвимости
debmany in debian-goodies 0.88.1 allows attackers to execute arbitrary shell commands (because of an eval call) via a crafted .deb file. (The path is shown to the user before execution.)
debmany in debian-goodies 0.88.1 allows attackers to execute arbitrary ...
debmany in debian-goodies 0.88.1 allows attackers to execute arbitrary shell commands (because of an eval call) via a crafted .deb file. (The path is shown to the user before execution.)
Уязвимость функции eval() инструмента для выбора справочных страниц debmany пакета утилит Debian-goodies, позволяющая нарушителю выполнить произвольные команды
7.8 High
CVSS3