29 matches found
CVE-2024-25817
Affected software: eza (before v0.18.2). Root cause / vulnerability: Buffer overflow allowing local attackers to execute arbitrary code through .git/HEAD, .git/refs, and .git/objects components.** Impact:** Local code execution with high impact as described in multiple advisories. References from...
CVE-2024-25817
Buffer Overflow vulnerability in eza before version 0.18.2, allows local attackers to execute arbitrary code via the .git/HEAD, .git/refs, and .git/objects components...
Fedora: Security Advisory for rust-eza (FEDORA-2024-993d3a78dd)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 38 Update: rust-eza-0.17.3-2.fc38
A modern replacement for ls...
[SECURITY] Fedora 39 Update: rust-eza-0.17.3-2.fc39
A modern replacement for ls...
Fedora: Security Advisory for rust-eza (FEDORA-2024-8ba389815f)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GHSA-3QX3-6HXR-J2CH eza Potential Heap Overflow Vulnerability for AArch64
Summary In eza, there exists a potential heap overflow vulnerability, first seen when using Ubuntu for Raspberry Pi series system, on ubuntu-raspi kernel, relating to the .git directory. Details The vulnerability seems to be triggered by the .git directory in some projects. This issue may be...
eza Potential Heap Overflow Vulnerability for AArch64
Summary In eza, there exists a potential heap overflow vulnerability, first seen when using Ubuntu for Raspberry Pi series system, on ubuntu-raspi kernel, relating to the .git directory. Details The vulnerability seems to be triggered by the .git directory in some projects. This issue may be...
PT-2024-21143 · Eza · Eza
Name of the Vulnerable Software and Affected Versions: eza versions prior to 0.18.2 Description: The issue is a Buffer Overflow vulnerability that allows local attackers to execute arbitrary code via the .git/HEAD, .git/refs, and .git/objects components. This vulnerability seems to be triggered b...