Lucene search
K

88 matches found

OSV
OSV
added 2023/12/05 12:15 a.m.2 views

DEBIAN-CVE-2023-49284

fish is a smart and user-friendly command line shell for macOS, Linux, and the rest of the family. fish shell uses certain Unicode non-characters internally for marking wildcards and expansions. It will incorrectly allow these markers to be read on command substitution output, rather than...

6.6CVSS6.5AI score0.00475EPSS
Exploits1References1
OSV
OSV
added 2023/12/05 12:15 a.m.7 views

AZL-32081 CVE-2023-49284 affecting package fish for versions less than 3.6.2-1

fish is a smart and user-friendly command line shell for macOS, Linux, and the rest of the family. fish shell uses certain Unicode non-characters internally for marking wildcards and expansions. It will incorrectly allow these markers to be read on command substitution output, rather than...

6.6CVSS5.8AI score0.00475EPSS
Exploits1References1
NVD
NVD
added 2023/12/05 12:15 a.m.19 views

CVE-2023-49284

fish is a smart and user-friendly command line shell for macOS, Linux, and the rest of the family. fish shell uses certain Unicode non-characters internally for marking wildcards and expansions. It will incorrectly allow these markers to be read on command substitution output, rather than...

6.6CVSS0.00475EPSS
Exploits1References3
Prion
Prion
added 2023/12/05 12:15 a.m.16 views

Information disclosure

fish is a smart and user-friendly command line shell for macOS, Linux, and the rest of the family. fish shell uses certain Unicode non-characters internally for marking wildcards and expansions. It will incorrectly allow these markers to be read on command substitution output, rather than...

3CVSS7.2AI score0.00475EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2023/12/05 12:15 a.m.2 views

UBUNTU-CVE-2023-49284

fish is a smart and user-friendly command line shell for macOS, Linux, and the rest of the family. fish shell uses certain Unicode non-characters internally for marking wildcards and expansions. It will incorrectly allow these markers to be read on command substitution output, rather than...

6.6CVSS5.9AI score0.00475EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2023/12/05 12:0 a.m.16 views

CVE-2023-49284

fish is a smart and user-friendly command line shell for macOS, Linux, and the rest of the family. fish shell uses certain Unicode non-characters internally for marking wildcards and expansions. It will incorrectly allow these markers to be read on command substitution output, rather than...

6.6CVSS6.8AI score0.00475EPSS
Exploits1References4
CVE
CVE
added 2023/12/04 11:46 p.m.57 views

CVE-2023-49284

CVE-2023-49284 affects the fish shell (macOS, Linux, and related platforms). The vulnerability arises from Unicode non-characters used internally for marking wildcards and expansions, which can be read in command substitution output instead of being safely transformed. This can cause unexpected b...

6.6CVSS5.6AI score0.00475EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/12/04 11:46 p.m.28 views

CVE-2023-49284 Command substitution output can trigger shell expansion in fish shell

fish is a smart and user-friendly command line shell for macOS, Linux, and the rest of the family. fish shell uses certain Unicode non-characters internally for marking wildcards and expansions. It will incorrectly allow these markers to be read on command substitution output, rather than...

3.9CVSS6.9AI score0.00475EPSS
Exploits1References3
OSV
OSV
added 2023/12/04 11:46 p.m.18 views

CVE-2023-49284 Command substitution output can trigger shell expansion in fish shell

fish is a smart and user-friendly command line shell for macOS, Linux, and the rest of the family. fish shell uses certain Unicode non-characters internally for marking wildcards and expansions. It will incorrectly allow these markers to be read on command substitution output, rather than...

3.9CVSS6.4AI score0.00475EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2023/12/04 11:46 p.m.27 views

CVE-2023-49284

fish is a smart and user-friendly command line shell for macOS, Linux, and the rest of the family. fish shell uses certain Unicode non-characters internally for marking wildcards and expansions. It will incorrectly allow these markers to be read on command substitution output, rather than...

6.6CVSS6.8AI score0.00475EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2023/02/15 5:29 a.m.2 views

SUSE CVE-2014-2905

fish aka fish-shell 1.16.0 before 2.1.1 does not properly check the credentials, which allows local users to gain privileges via the universal variable socket, related to /tmp/fishd.socket.user permissions...

6.9CVSS7.1AI score0.0035EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:29 a.m.3 views

SUSE CVE-2014-2906

The psub function in fish aka fish-shell 1.16.0 before 2.1.1 does not properly create temporary files, which allows local users to execute arbitrary commands via a temporary file with a predictable name...

7CVSS7.3AI score0.00314EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:29 a.m.2 views

SUSE CVE-2014-2914

fish aka fish-shell 2.0.0 before 2.1.1 does not restrict access to the configuration service aka fishconfig, which allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by setprompt...

9.8CVSS8AI score0.0319EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:28 a.m.2 views

SUSE CVE-2014-3856

The funced function in fish aka fish-shell 1.23.0 before 2.1.1 does not properly create temporary files, which allows local users to gain privileges via a temporary file with a predictable name...

7CVSS7.1AI score0.0029EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:30 a.m.3 views

SUSE CVE-2022-20001

fish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary code execution. git repositories can contain per-repository configuration that change the behavior of git, including running arbitrary commands. When using the default configuration of fish, changing...

7.3CVSS8AI score0.01417EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/09/06 12:0 a.m.28 views

Amazon Linux 2022 : fish (ALAS2022-2022-056)

It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-056 advisory. fish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary code execution. git repositories can contain per-repository configuration that change the behavior of gi...

7.8CVSS7.5AI score0.01417EPSS
Exploits0References3
OSV
OSV
added 2022/06/02 11:3 a.m.2 views

OESA-2022-1689 fish security update

fish is a fully-equipped command line shell like bash or zsh that is smart and user-friendly. fish supports powerful features like syntax highlighting, autosuggestions, and tab completions that just work, with nothing to learn or configure. Security Fixes: fish is a command line shell. fish versi...

7.8CVSS8.1AI score0.01417EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/05/18 12:0 a.m.27 views

Fedora 36 : fish (2022-443c5ec2dd)

The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-443c5ec2dd advisory. Update to 3.4.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

7.8CVSS7.3AI score0.01417EPSS
Exploits0References2
Fedora
Fedora
added 2022/04/04 12:15 a.m.32 views

[SECURITY] Fedora 36 Update: fish-3.4.1-1.fc36

fish is a fully-equipped command line shell like bash or zsh that is smart and user-friendly. fish supports powerful features like syntax highlighting, autosuggestions, and tab completions that just work, with nothing to learn or configure...

7.8CVSS1.1AI score0.01417EPSS
Exploits0
NVD
NVD
added 2022/03/14 7:15 p.m.14 views

CVE-2022-20001

fish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary code execution. git repositories can contain per-repository configuration that change the behavior of git, including running arbitrary commands. When using the default configuration of fish, changing...

7.8CVSS0.01417EPSS
Exploits0References7
Rows per page
Query Builder