Lucene search
K

4 matches found

OSV
OSV
added 2020/06/11 1:16 p.m.6 views

SUSE-SU-2020:1608-1 Security update for ed

This update for ed fixes the following security issue: - CVE-2017-5357: An invalid free in the regular expression handling of the 'ed' command processing could allow local users to crash ed. bsc1019807...

7.5CVSS7.6AI score0.03044EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2019/11/06 5:13 p.m.6 views

patch: do_ed_script in pch.c does not block strings beginning with a ! character

A flaw was found in GNU patch through version 2.7.6. Strings beginning with a exclamation mark are not blocked by default. When ed receives an exclamation mark-prefixed command line argument, the argument is executed as a shell command. The highest threat from this vulnerability is to data...

9.3CVSS5.7AI score0.02706EPSS
Exploits1References5
OSV
OSV
added 2019/04/01 12:0 p.m.9 views

SUSE-SU-2019:14005-1 Security update for ed

This update for ed fixes the following security issues: - CVE-2017-5357: An invalid free in the regular expression handling of the 'ed' command processing could allow local users to crash ed. bsc1019807...

7.5CVSS7.6AI score0.03044EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2018/06/27 7:2 p.m.4 views

patch: Malicious patch files cause ed to execute arbitrary commands

GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITORPROGRAM invocation using ed can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's...

9.3CVSS7.2AI score0.0556EPSS
Exploits0References4
Rows per page
Query Builder