exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 15

ELSA-2019-2964

больше 6 лет назад

ELSA-2019-2964: patch security update (IMPORTANT)

EPSS: Низкий

ELSA-2019-2798

больше 6 лет назад

ELSA-2019-2798: patch security update (IMPORTANT)

EPSS: Низкий

CVE-2018-20969

больше 6 лет назад

do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.

CVSS3: 7.8

EPSS: Низкий

CVE-2018-20969

больше 6 лет назад

CVSS3: 7.8

EPSS: Низкий

CVE-2018-20969

больше 6 лет назад

CVSS3: 7.8

EPSS: Низкий

CVE-2018-20969

больше 5 лет назад

CVSS3: 7.8

EPSS: Низкий

CVE-2018-20969

больше 6 лет назад

do_ed_script in pch.c in GNU patch through 2.7.6 does not block string ...

CVSS3: 7.8

EPSS: Низкий

CVE-2019-13638

больше 6 лет назад

GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.

CVSS3: 7.8

EPSS: Низкий

CVE-2019-13638

больше 6 лет назад

CVSS3: 7.8

EPSS: Низкий

CVE-2019-13638

больше 6 лет назад

CVSS3: 7.8

EPSS: Низкий

CVE-2019-13638

больше 5 лет назад

CVSS3: 7.8

EPSS: Низкий

CVE-2019-13638

больше 6 лет назад

GNU patch through 2.7.6 is vulnerable to OS shell command injection th ...

CVSS3: 7.8

EPSS: Низкий

GHSA-g5pm-269j-95rr

больше 3 лет назад

CVSS3: 7.8

EPSS: Низкий

GHSA-vqpq-8jvg-rwmx

больше 3 лет назад

CVSS3: 7.8

EPSS: Низкий

BDU:2019-03232

больше 6 лет назад

Уязвимость функции do_ed_script (src/pch.c) программной Unix-утилиты GNU Patch, связанная с непринятием мер по нейтрализации специальных элементов, используемых в команде операционной системы, позволяющая нарушителю получить доступ к конфиденциальной информации и выполнить произвольную команду

CVSS3: 7.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
ELSA-2019-2964 ELSA-2019-2964: patch security update (IMPORTANT)			больше 6 лет назад
ELSA-2019-2798 ELSA-2019-2798: patch security update (IMPORTANT)			больше 6 лет назад
CVE-2018-20969 do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.	CVSS3: 7.8	0% Низкий	больше 6 лет назад
CVE-2018-20969 do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.	CVSS3: 7.8	0% Низкий	больше 6 лет назад
CVE-2018-20969 do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.	CVSS3: 7.8	0% Низкий	больше 6 лет назад
CVE-2018-20969	CVSS3: 7.8	0% Низкий	больше 5 лет назад
CVE-2018-20969 do_ed_script in pch.c in GNU patch through 2.7.6 does not block string ...	CVSS3: 7.8	0% Низкий	больше 6 лет назад
CVE-2019-13638 GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.	CVSS3: 7.8	2% Низкий	больше 6 лет назад
CVE-2019-13638 GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.	CVSS3: 7.8	2% Низкий	больше 6 лет назад
CVE-2019-13638 GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.	CVSS3: 7.8	2% Низкий	больше 6 лет назад
CVE-2019-13638	CVSS3: 7.8	2% Низкий	больше 5 лет назад
CVE-2019-13638 GNU patch through 2.7.6 is vulnerable to OS shell command injection th ...	CVSS3: 7.8	2% Низкий	больше 6 лет назад
GHSA-g5pm-269j-95rr do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.	CVSS3: 7.8	0% Низкий	больше 3 лет назад
GHSA-vqpq-8jvg-rwmx GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.	CVSS3: 7.8	2% Низкий	больше 3 лет назад
BDU:2019-03232 Уязвимость функции do_ed_script (src/pch.c) программной Unix-утилиты GNU Patch, связанная с непринятием мер по нейтрализации специальных элементов, используемых в команде операционной системы, позволяющая нарушителю получить доступ к конфиденциальной информации и выполнить произвольную команду	CVSS3: 7.8	2% Низкий	больше 6 лет назад

Уязвимостей на страницу