
CVSS: 6.3 • EPSS: 0% • CPEs: 6 • EXPL: 0

07 Nov 2019 — Lintian before 2.5.12 allows remote attackers to gather information about the "host" system using crafted symlinks. • https://bugs.launchpad.net/ubuntu/+source/lintian/+bug/1169636 • CWE-59: Improper Link Resolution Before File Access ('Link Following')

CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

08 May 2017 — Deserialization vulnerability in lintian through 2.5.50.3 allows attackers to trigger code execution by requesting a review of a source package with a crafted YAML file. Jakub Wilk discovered that lintian incorrectly handled deserializing certain YAML files. If a user or automated system were tricked into running lintian on a... • https://bugs.debian.org/861958 • CWE-502: Deserialization of Untrusted Data

CVSS: 9.8 • EPSS: 0% • CPEs: 10 • EXPL: 0

02 Feb 2010 — Multiple directory traversal vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to overwrite arbitrary files or obtain sensitive information via vectors involving (1) control field names, (2) control field values, and (3) control files of patch systems. • http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=c8d01f062b3e5137cf65196760b079a855c75e00 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSS: 9.8 • EPSS: 2% • CPEs: 61 • EXPL: 0

02 Feb 2010 — Multiple format string vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to have an unspecified impact via vectors involving (1) check scripts and (2) the Lintian::Schedule module. • http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=c8d01f062b3e5137cf65196760b079a855c75e00 • CWE-134: Use of Externally-Controlled Format String

CVSS: 9.8 • EPSS: 1% • CPEs: 60 • EXPL: 0

02 Feb 2010 — Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allows remote attackers to execute arbitrary commands via shell metacharacters in filename arguments. • http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=c8d01f062b3e5137cf65196760b079a855c75e00 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')