19 matches found
EUVD-2026-25012
mv: symlinks expanded during cross-device move resource exhaustion / data duplication...
CVE-2026-35365
The mv utility in uutils coreutils improperly handles directory trees containing symbolic links during moves across filesystem boundaries. Instead of preserving symlinks, the implementation expands them, copying the linked targets as real files or directories at the destination. This can lead to...
Duplicate Advisory: uutils coreutils has a Link Following issue
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-h444-6j9x-p8vh. This link is maintained to preserve external references. Original Description The mv utility in uutils coreutils improperly handles directory trees containing symbolic links during moves across...
CVE-2026-35365 uutils coreutils mv Denial of Service and Data Duplication via Improper Symlink Expansion
The mv utility in uutils coreutils improperly handles directory trees containing symbolic links during moves across filesystem boundaries. Instead of preserving symlinks, the implementation expands them, copying the linked targets as real files or directories at the destination. This can lead to...
CVE-2026-35365
The CVE concerns the mv utility in uutils coreutils. The issue is that during moves across filesystem boundaries, the mv implementation does not preserve symbolic links; instead, it expands them and copies the linked targets as real files/directories at the destination. According to the provided ...
CVE-2026-35365 uutils coreutils mv Denial of Service and Data Duplication via Improper Symlink Expansion
The mv utility in uutils coreutils improperly handles directory trees containing symbolic links during moves across filesystem boundaries. Instead of preserving symlinks, the implementation expands them, copying the linked targets as real files or directories at the destination. This can lead to...
PT-2026-34501
Name of the Vulnerable Software and Affected Versions uutils coreutils affected versions not specified Description The mv utility improperly handles directory trees containing symbolic links when moving them across filesystem boundaries. The implementation expands symbolic links—which are pointer...
Linux Distros Unpatched Vulnerability : CVE-2026-35365
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mv utility in uutils coreutils improperly handles directory trees containing symbolic links during moves across filesystem boundaries. Instead of preserving...
EUVD-2017-9339
Malware in sbrugna...
SUSE CVE-2017-18206
In utils.c in zsh before 5.4, symlink expansion had a buffer overflow...
Low: zsh
Issue Overview: NULL dereference in cd in sh compatibility mode under given circumstances In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set. CVE-2017-18205 Null-pointer...
Debian: Security Advisory (DLA-1304-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated zsh packages fix security vulnerabilities
Zsh has been updated to fix 4 security issues. In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set. CVE-2017-18205 In utils.c in zsh before 5.4, symlink expansion had a buff...
[SECURITY] [DLA 1304-1] zsh security update
Package : zsh Version : 4.3.17-1+deb7u1 CVE IDs : CVE-2014-10070 CVE-2014-10071 CVE-2014-10072 CVE-2016-10714 CVE-2017-18206 It was discovered that there were multiple vulnerabilities in the "zsh" shell: CVE-2014-10070: Fix a privilege-elevation issue if the environment has not been properly...
CVE-2017-18206
In utils.c in zsh before 5.4, symlink expansion had a buffer overflow...
DEBIAN-CVE-2017-18206
In utils.c in zsh before 5.4, symlink expansion had a buffer overflow...
CVE-2017-18206
CVE-2017-18206 affects zsh prior to 5.4, with a buffer overflow in the symlink expansion path (utils.c: symlink expansion). The vulnerability allows a local, unprivileged user to abuse specially crafted directory paths, potentially leading to privilege escalation or related crashes. It is address...
CVE-2017-18206
In utils.c in zsh before 5.4, symlink expansion had a buffer overflow...
UBUNTU-CVE-2017-18206
In utils.c in zsh before 5.4, symlink expansion had a buffer overflow...