Search CVE reports
11 – 16 of 16 results
CVE-2017-18205
Medium priority
In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set.
1 affected package
zsh
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
zsh | — | — | — | — | Fixed |
CVE-2016-10714
Medium priority
In zsh before 5.3, an off-by-one error resulted in undersized buffers that were intended to support PATH_MAX characters.
1 affected package
zsh
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
zsh | — | — | — | — | Fixed |
CVE-2014-10072
Medium priority
In utils.c in zsh before 5.0.6, there is a buffer overflow when scanning very long directory paths for symbolic links.
1 affected package
zsh
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
zsh | — | — | — | — | Not affected |
CVE-2014-10071
Medium priority
In exec.c in zsh before 5.0.7, there is a buffer overflow for very long fds in the ">& fd" syntax.
1 affected package
zsh
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
zsh | — | — | — | — | Not affected |
CVE-2014-10070
Medium priority
zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment (instead of treating them as literal numbers). That could allow local privilege escalation, under some specific and...
1 affected package
zsh
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
zsh | — | — | — | — | Not affected |
CVE-2007-6209
Low priority
Util/difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
1 affected package
zsh
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
zsh | — | — | — | — | — |