Количество 12
Количество 12
GHSA-r9rq-mhxg-686q
GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time.

CVE-2018-1000156
GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time.

CVE-2018-1000156
GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time.

CVE-2018-1000156
GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time.

CVE-2018-1000156
CVE-2018-1000156
GNU Patch version 2.7.6 contains an input validation vulnerability whe ...
ELSA-2018-1200
ELSA-2018-1200: patch security update (IMPORTANT)
ELSA-2018-1199
ELSA-2018-1199: patch security update (IMPORTANT)

BDU:2018-01502
Уязвимость программной Unix-утилиты GNU Patch, связанная с недостаточной проверкой входных данных, позволяющая нарушителю вызвать отказ в обслуживании, получить доступ к конфиденциальным данным или нарушить их целостность

openSUSE-SU-2018:1137-1
Security update for patch

SUSE-SU-2018:1128-1
Security update for patch

SUSE-SU-2018:1162-1
Security update for patch
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
---|---|---|---|---|
GHSA-r9rq-mhxg-686q GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time. | CVSS3: 7.8 | 43% Средний | около 3 лет назад | |
![]() | CVE-2018-1000156 GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time. | CVSS3: 7.8 | 43% Средний | больше 7 лет назад |
![]() | CVE-2018-1000156 GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time. | CVSS3: 7.8 | 43% Средний | больше 7 лет назад |
![]() | CVE-2018-1000156 GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time. | CVSS3: 7.8 | 43% Средний | больше 7 лет назад |
![]() | CVSS3: 7.8 | 43% Средний | почти 5 лет назад | |
CVE-2018-1000156 GNU Patch version 2.7.6 contains an input validation vulnerability whe ... | CVSS3: 7.8 | 43% Средний | больше 7 лет назад | |
ELSA-2018-1200 ELSA-2018-1200: patch security update (IMPORTANT) | около 7 лет назад | |||
ELSA-2018-1199 ELSA-2018-1199: patch security update (IMPORTANT) | около 7 лет назад | |||
![]() | BDU:2018-01502 Уязвимость программной Unix-утилиты GNU Patch, связанная с недостаточной проверкой входных данных, позволяющая нарушителю вызвать отказ в обслуживании, получить доступ к конфиденциальным данным или нарушить их целостность | CVSS3: 7.8 | 43% Средний | больше 7 лет назад |
![]() | openSUSE-SU-2018:1137-1 Security update for patch | около 7 лет назад | ||
![]() | SUSE-SU-2018:1128-1 Security update for patch | около 7 лет назад | ||
![]() | SUSE-SU-2018:1162-1 Security update for patch | около 7 лет назад |
Уязвимостей на страницу