eza: Arbitrary Code Execution

Background eza is a modern, maintained replacement for ls, written in rust. Description A vulnerability has been discovered in eza. Please review the CVE identifier referenced below for details. Impact A buffer overflow vulnerability in eza allows local attackers to execute arbitrary code via the...

GHSA-3XC6-7H59-J2X4 Duplicate Advisory: eza Potential Heap Overflow Vulnerability for AArch64

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-3qx3-6hxr-j2ch. This link is maintained to preserve external references. Original Description Buffer Overflow vulnerability in eza before version 0.18.2, allows local attackers to execute arbitrary code via the...

Buffer overflow

Buffer Overflow vulnerability in eza before version 0.18.2, allows local attackers to execute arbitrary code via the .git/HEAD, .git/refs, and .git/objects components...

PT-2024-21143 · Eza · Eza

Name of the Vulnerable Software and Affected Versions: eza versions prior to 0.18.2 Description: The issue is a Buffer Overflow vulnerability that allows local attackers to execute arbitrary code via the .git/HEAD, .git/refs, and .git/objects components. This vulnerability seems to be triggered b...