Lucene search
K
Devscripts Devel TeamDevscripts

7 matches found

CVE
CVE
added 2012/06/16 12:0 a.m.72 views

CVE-2012-0212

CVE-2012-0212 affects devscripts; the debdiff.pl component in versions before 2.10.69 and 2.11.x before 2.11.4 allows remote code execution via shell metacharacters in the file name argument. This vulnerability is reflected in multiple advisories (Ubuntu USN-1593-1, Debian security trackers, and ...

9.3CVSS7.6AI score0.05816EPSS
CVE
CVE
added 2012/10/01 12:0 a.m.70 views

CVE-2012-2242

CVE-2012-2242 affects devscripts' dget.pl prior to version 2.10.73, where crafted .dsc/.changes files can trigger remote commands due to insufficient escaping of arguments to external commands. The issue allows remote code execution and is separate from CVE-2012-2240. A fix is needed by upgrading...

6.8CVSS7.4AI score0.01697EPSS
Web
CVE
CVE
added 2012/10/01 12:0 a.m.68 views

CVE-2012-3500

CVE-2012-3500 is a local reliability issue in the annotate-output mechanism: scripts/annotate-output.sh in devscripts < 2.12.2 (used by rpmdevtools

1.2CVSS6AI score0.0027EPSS
CVE
CVE
added 2012/10/01 12:0 a.m.67 views

CVE-2012-2241

CVE-2012-2241 affects devscripts prior to version 2.12.3. The vulnerability allows a remote attacker to delete arbitrary files by supplying crafted .dsc or .changes files, with a likely NULL-byte filename issue cited in the description. Exploitation context is remote, with impact described as del...

5CVSS6.5AI score0.01505EPSS
CVE
CVE
added 2012/10/01 12:0 a.m.66 views

CVE-2012-2240

CVE-2012-2240 affects devscripts, specifically the dscverify.pl component. The vulnerability occurs in scripts/dscverify.pl in devscripts before version 2.12.3, where remote attackers could execute arbitrary commands via unspecified vectors related to arguments to external commands. Multiple conn...

7.5CVSS7.4AI score0.03154EPSS
CVE
CVE
added 2012/06/16 12:0 a.m.60 views

CVE-2012-0211

CVE-2012-0211 concerns debdiff.pl, part of devscripts, with vulnerable versions 2.10.x before 2.10.69 and 2.11.x before 2.11.4. The issue allows remote code execution via a specially crafted tarball filename in the top-level directory of the original .orig source tarball. The Debian security advi...

9.3CVSS7.4AI score0.05816EPSS
CVE
CVE
added 2012/06/16 12:0 a.m.59 views

CVE-2012-0210

CVE-2012-0210 affects devscripts’ debdiff component. Affected: devscripts package (Debian) with vulnerable debdiff in 2.10.x before 2.10.69 and 2.11.x before 2.11.4. Root cause: insufficient input sanitisation when processing .dsc and .changes files, enabling remote code execution and information...

9.3CVSS7.2AI score0.05275EPSS