CVE-2013-6888

2014-01-0717:04:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2013-6888

uscan

devscripts

remote code execution

nvd

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.105 Low

EPSS

Percentile

95.0%

JSON

Uscan in devscripts before 2.13.9 allows remote attackers to execute arbitrary code via a crafted tarball.

CPENameOperatorVersion
devscripts_devel_team:devscriptsdevscripts devel team devscriptseq2.13.7
devscripts_devel_team:devscriptsdevscripts devel team devscriptseq2.13.5
devscripts_devel_team:devscriptsdevscripts devel team devscriptsle2.13.8
devscripts_devel_team:devscriptsdevscripts devel team devscriptseq2.13.2
devscripts_devel_team:devscriptsdevscripts devel team devscriptseq2.13.4
devscripts_devel_team:devscriptsdevscripts devel team devscriptseq2.13.1
devscripts_devel_team:devscriptsdevscripts devel team devscriptseq2.13.0
devscripts_devel_team:devscriptsdevscripts devel team devscriptseq2.13.6
devscripts_devel_team:devscriptsdevscripts devel team devscriptseq2.13.3

CPE	Name	Operator	Version
devscripts_devel_team:devscripts	devscripts devel team devscripts	eq	2.13.7
devscripts_devel_team:devscripts	devscripts devel team devscripts	eq	2.13.5
devscripts_devel_team:devscripts	devscripts devel team devscripts	le	2.13.8
devscripts_devel_team:devscripts	devscripts devel team devscripts	eq	2.13.2
devscripts_devel_team:devscripts	devscripts devel team devscripts	eq	2.13.4
devscripts_devel_team:devscripts	devscripts devel team devscripts	eq	2.13.1
devscripts_devel_team:devscripts	devscripts devel team devscripts	eq	2.13.0
devscripts_devel_team:devscripts	devscripts devel team devscripts	eq	2.13.6
devscripts_devel_team:devscripts	devscripts devel team devscripts	eq	2.13.3