CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18205 – zsh: NULL dereference in cd in sh compatibility mode under given circumstances
https://notcve.org/view.php?id=CVE-2017-18205
27 Feb 2018 — In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set. En builtin.c en zsh, en versiones anteriores a la 5.4, cuando se emplea el modo de compatibilidad sh, hay una desreferencia de puntero NULL durante el procesamiento del comando cd sin argumento si no está establecido HOME. A NULL pointer dereference flaw was found in the code responsible for the cd builtin command of the zsh package.... • https://access.redhat.com/errata/RHSA-2018:3073 • CWE-476: NULL Pointer Dereference CWE-665: Improper Initialization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-10070 – Ubuntu Security Notice USN-3593-1
https://notcve.org/view.php?id=CVE-2014-10070
27 Feb 2018 — zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment (instead of treating them as literal numbers). That could allow local privilege escalation, under some specific and atypical conditions where zsh is being invoked in privilege-elevation contexts when the environment has not been properly sanitized, such as when zsh is invoked by sudo on systems where "env_reset" has been disabled. zsh, en versiones anteriores a la 5.0.7, permite la evaluación de los v... • http://zsh.sourceforge.net/releases.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-10072 – zsh: buffer overflow when scanning very long directory paths for symbolic links
https://notcve.org/view.php?id=CVE-2014-10072
27 Feb 2018 — In utils.c in zsh before 5.0.6, there is a buffer overflow when scanning very long directory paths for symbolic links. En utils.c en zsh, en versiones anteriores a la 5.0.6, hay un desbordamiento de búfer al escanear rutas de directorio muy largas para detectar enlaces simbólicos. A buffer overflow flaw was found in the zsh shell symbolic link resolver. A local, unprivileged user can create a specially crafted directory path which leads to a buffer overflow in the context of the user trying to do symbolic l... • https://access.redhat.com/errata/RHSA-2018:1932 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •