Количество 8
Количество 8
CVE-2014-10070
zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment (instead of treating them as literal numbers). That could allow local privilege escalation, under some specific and atypical conditions where zsh is being invoked in privilege-elevation contexts when the environment has not been properly sanitized, such as when zsh is invoked by sudo on systems where "env_reset" has been disabled.
CVE-2014-10070
zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment (instead of treating them as literal numbers). That could allow local privilege escalation, under some specific and atypical conditions where zsh is being invoked in privilege-elevation contexts when the environment has not been properly sanitized, such as when zsh is invoked by sudo on systems where "env_reset" has been disabled.
CVE-2014-10070
zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment (instead of treating them as literal numbers). That could allow local privilege escalation, under some specific and atypical conditions where zsh is being invoked in privilege-elevation contexts when the environment has not been properly sanitized, such as when zsh is invoked by sudo on systems where "env_reset" has been disabled.
CVE-2014-10070
zsh before 5.0.7 allows evaluation of the initial values of integer va ...
GHSA-4x2g-x3r2-29r6
zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment (instead of treating them as literal numbers). That could allow local privilege escalation, under some specific and atypical conditions where zsh is being invoked in privilege-elevation contexts when the environment has not been properly sanitized, such as when zsh is invoked by sudo on systems where "env_reset" has been disabled.
openSUSE-SU-2018:1093-1
Security update for zsh
SUSE-SU-2018:1072-1
Security update for zsh
SUSE-SU-2022:14910-1
Security update for zsh
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2014-10070 zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment (instead of treating them as literal numbers). That could allow local privilege escalation, under some specific and atypical conditions where zsh is being invoked in privilege-elevation contexts when the environment has not been properly sanitized, such as when zsh is invoked by sudo on systems where "env_reset" has been disabled. | CVSS3: 7.8 | 0% Низкий | почти 8 лет назад |
 | CVE-2014-10070 zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment (instead of treating them as literal numbers). That could allow local privilege escalation, under some specific and atypical conditions where zsh is being invoked in privilege-elevation contexts when the environment has not been properly sanitized, such as when zsh is invoked by sudo on systems where "env_reset" has been disabled. | 0% Низкий | почти 8 лет назад | |
 | CVE-2014-10070 zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment (instead of treating them as literal numbers). That could allow local privilege escalation, under some specific and atypical conditions where zsh is being invoked in privilege-elevation contexts when the environment has not been properly sanitized, such as when zsh is invoked by sudo on systems where "env_reset" has been disabled. | CVSS3: 7.8 | 0% Низкий | почти 8 лет назад |
| CVE-2014-10070 zsh before 5.0.7 allows evaluation of the initial values of integer va ... | CVSS3: 7.8 | 0% Низкий | почти 8 лет назад |
| GHSA-4x2g-x3r2-29r6 zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment (instead of treating them as literal numbers). That could allow local privilege escalation, under some specific and atypical conditions where zsh is being invoked in privilege-elevation contexts when the environment has not been properly sanitized, such as when zsh is invoked by sudo on systems where "env_reset" has been disabled. | CVSS3: 7.8 | 0% Низкий | больше 3 лет назад |
 | openSUSE-SU-2018:1093-1 Security update for zsh | почти 8 лет назад | ||
| SUSE-SU-2018:1072-1 Security update for zsh | почти 8 лет назад | ||
| SUSE-SU-2022:14910-1 Security update for zsh | почти 4 года назад |
Уязвимостей на страницу