Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
GnuPatch*

3 matches found

CVE
CVEadded 2019/08/16 4:15 a.m.699 views

CVE-2018-20969

do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.

9.3CVSS7.4AI score0.03446EPSS
CVE
CVEadded 2019/07/17 9:15 p.m.543 views

CVE-2019-13636

In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.

5.9CVSS6.3AI score0.04739EPSS
CVE
CVEadded 2019/11/25 4:15 p.m.53 views

CVE-2015-1396

A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. A remote attacker can write to arbitrary files via a symlink attack in a patch file. NOTE: this issue exists because of an incomplete fix for CVE-2015-1196.

7.5CVSS6.2AI score0.03663EPSS