exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 15

ELSA-2019-2964

почти 6 лет назад

ELSA-2019-2964: patch security update (IMPORTANT)

EPSS: Низкий

ELSA-2019-2798

почти 6 лет назад

ELSA-2019-2798: patch security update (IMPORTANT)

EPSS: Низкий

CVE-2018-20969

около 6 лет назад

do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.

CVSS3: 7.8

EPSS: Низкий

CVE-2018-20969

около 6 лет назад

CVSS3: 7.8

EPSS: Низкий

CVE-2018-20969

около 6 лет назад

CVSS3: 7.8

EPSS: Низкий

CVE-2018-20969

около 5 лет назад

CVSS3: 7.8

EPSS: Низкий

CVE-2018-20969

около 6 лет назад

do_ed_script in pch.c in GNU patch through 2.7.6 does not block string ...

CVSS3: 7.8

EPSS: Низкий

CVE-2019-13638

около 6 лет назад

GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.

CVSS3: 7.8

EPSS: Низкий

CVE-2019-13638

около 6 лет назад

CVSS3: 7.8

EPSS: Низкий

CVE-2019-13638

около 6 лет назад

CVSS3: 7.8

EPSS: Низкий

CVE-2019-13638

почти 5 лет назад

CVSS3: 7.8

EPSS: Низкий

CVE-2019-13638

около 6 лет назад

GNU patch through 2.7.6 is vulnerable to OS shell command injection th ...

CVSS3: 7.8

EPSS: Низкий

GHSA-g5pm-269j-95rr

больше 3 лет назад

CVSS3: 7.8

EPSS: Низкий

GHSA-vqpq-8jvg-rwmx

больше 3 лет назад

CVSS3: 7.8

EPSS: Низкий

BDU:2019-03232

около 6 лет назад

Уязвимость функции do_ed_script (src/pch.c) программной Unix-утилиты GNU Patch, связанная с непринятием мер по нейтрализации специальных элементов, используемых в команде операционной системы, позволяющая нарушителю получить доступ к конфиденциальной информации и выполнить произвольную команду

CVSS3: 7.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
ELSA-2019-2964 ELSA-2019-2964: patch security update (IMPORTANT)			почти 6 лет назад
ELSA-2019-2798 ELSA-2019-2798: patch security update (IMPORTANT)			почти 6 лет назад
CVE-2018-20969 do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.	CVSS3: 7.8	1% Низкий	около 6 лет назад
CVE-2018-20969 do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.	CVSS3: 7.8	1% Низкий	около 6 лет назад
CVE-2018-20969 do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.	CVSS3: 7.8	1% Низкий	около 6 лет назад
CVE-2018-20969	CVSS3: 7.8	1% Низкий	около 5 лет назад
CVE-2018-20969 do_ed_script in pch.c in GNU patch through 2.7.6 does not block string ...	CVSS3: 7.8	1% Низкий	около 6 лет назад
CVE-2019-13638 GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.	CVSS3: 7.8	3% Низкий	около 6 лет назад
CVE-2019-13638 GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.	CVSS3: 7.8	3% Низкий	около 6 лет назад
CVE-2019-13638 GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.	CVSS3: 7.8	3% Низкий	около 6 лет назад
CVE-2019-13638	CVSS3: 7.8	3% Низкий	почти 5 лет назад
CVE-2019-13638 GNU patch through 2.7.6 is vulnerable to OS shell command injection th ...	CVSS3: 7.8	3% Низкий	около 6 лет назад
GHSA-g5pm-269j-95rr do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.	CVSS3: 7.8	1% Низкий	больше 3 лет назад
GHSA-vqpq-8jvg-rwmx GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.	CVSS3: 7.8	3% Низкий	больше 3 лет назад
BDU:2019-03232 Уязвимость функции do_ed_script (src/pch.c) программной Unix-утилиты GNU Patch, связанная с непринятием мер по нейтрализации специальных элементов, используемых в команде операционной системы, позволяющая нарушителю получить доступ к конфиденциальной информации и выполнить произвольную команду	CVSS3: 7.8	3% Низкий	около 6 лет назад

Уязвимостей на страницу