Linux Distros Unpatched Vulnerability : CVE-2021-45444

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs...

SUSE CVE-2018-1083

Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries to use autocomplete to traverse the before mention...

CVE-2021-45444

In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPTSUBST expansion...

SUSE-SU-2018:1874-1 Security update for zsh

This update for zsh to version 5.5 fixes the following issues: Security issues fixed: - CVE-2018-1100: Fixes a buffer overflow in utils.c:checkmailpath that can lead to local arbitrary code execution bsc1089030 - CVE-2018-1071: Fixed a stack-based buffer overflow in exec.c:hashcmd bsc1084656 -...