44 matches found
TencentOS Server 3: zsh (TSSA-2022:0225)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0225 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Alibaba Cloud Linux 3 : 0205: zsh (ALINUX3-SA-2022:0205)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0205 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-45444: In zsh before 5.8.1, an attacker ca...
Slackware: Security Advisory (SSA:2025-109-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Slackware Linux 15.0 zsh Vulnerability (SSA:2025-109-01)
The version of zsh installed on the remote host is prior to 5.9. It is, therefore, affected by a vulnerability as referenced in the SSA:2025-109-01 advisory. New zsh packages are available for Slackware 15.0 to fix a security issue. Tenable has extracted the preceding description block directly...
Amazon Linux 2022 : zsh, zsh-html (ALAS2022-2022-034)
It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-034 advisory. A vulnerability was found in zsh in the parsecolorchar function of prompt.c file. This flaw allows an attacker to perform code execution if they control a command output inside the prompt, as stated by ...
GLSA-202407-01 : Zsh: Prompt Expansion Vulnerability
The remote host is affected by the vulnerability described in GLSA-202407-01 Zsh: Prompt Expansion Vulnerability Multiple vulnerabilities have been discovered in Zsh. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly fro...
CentOS 9 : zsh-5.8-9.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the zsh-5.8-9.el9 build changelog. - In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This...
Rocky Linux 8 : zsh (RLSA-2022:2120)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:2120 advisory. - In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs...
Medium: zsh
Issue Overview: A vulnerability was found in zsh in the parsecolorchar function of prompt.c file. This flaw allows an attacker to perform code execution if they control a command output inside the prompt, as stated by a %F%K argument. This occurs because of recursive PROMPTSUBST expansion...
Amazon Linux 2023 : zsh, zsh-html (ALAS2023-2023-035)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-035 advisory. A vulnerability was found in zsh in the parsecolorchar function of prompt.c file. This flaw allows an attacker to perform code execution if they control a command output inside the prompt, as stated by ...
OESA-2022-2094 zsh security update
The zsh is a shell designed for interactive use, and it is also a powerful scripting language. Many of the useful features of bash, ksh, and tcsh were incorporated into zsh. It can match files by file extension without running an external program, share command history with any shell, and more...
Amazon Linux 2022 : zsh, zsh-html (ALAS2022-2022-117)
It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-117 advisory. A vulnerability was found in zsh in the parsecolorchar function of prompt.c file. This flaw allows an attacker to perform code execution if they control a command output inside the prompt, as stated by ...
CVE-2021-45444 affecting package zsh for versions less than 5.9-1
CVE-2021-45444 affecting package zsh for versions less than 5.9-1. An upgraded version of the package is available that resolves this issue...
EulerOS 2.0 SP3 : zsh (EulerOS-SA-2022-1778)
According to the versions of the zsh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. Th...
Huawei EulerOS: Security Advisory for zsh (EulerOS-SA-2022-1778)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
macOS 12.x < 12.4 Multiple Vulnerabilities (HT213257)
The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.4. It is, therefore, affected by multiple vulnerabilities: - zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches. CVE-2018-25032 - A crafted URI se...
macOS 10.15.x < Catalina Security Update 2022-004 Catalina (HT213255)
The remote host is running a version of macOS / Mac OS X that is prior to Catalina Security Update 2022-004. It is, therefore, affected by multiple vulnerabilities : - zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches...
Oracle Linux 8 : zsh (ELSA-2022-2120)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-2120 advisory. - do not perform PROMPTSUBST evaluation on file.file/%K arguments CVE-2021-45444 - improve printing of error messages introduced by the fix of CVE-2019-20044...
AlmaLinux 8 : zsh (ALSA-2022:2120)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:2120 advisory. - In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs...
Moderate: Red Hat Security Advisory: zsh security update
An update for zsh is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...