CVSS: 6.3EPSS: 0%CPEs: 6EXPL: 0CVE-2013-1429
https://notcve.org/view.php?id=CVE-2013-1429
07 Nov 2019 — Lintian before 2.5.12 allows remote attackers to gather information about the "host" system using crafted symlinks. Lintian versiones anteriores a 2.5.12, permite a atacantes remotos recabar información sobre el sistema "host" utilizando enlaces simbólicos diseñados. • https://bugs.launchpad.net/ubuntu/+source/lintian/+bug/1169636 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-8829 – Ubuntu Security Notice USN-3310-1
https://notcve.org/view.php?id=CVE-2017-8829
08 May 2017 — Deserialization vulnerability in lintian through 2.5.50.3 allows attackers to trigger code execution by requesting a review of a source package with a crafted YAML file. Una vulnerabilidad de deserialización en lintian hasta 2.5.50.3 permite a un atacante realizar una ejecución de código solicitando un paquete de fuentes con un archivo YAML manipulado. Jakub Wilk discovered that lintian incorrectly handled deserializing certain YAML files. If a user or automated system were tricked into running lintian on a... • https://bugs.debian.org/861958 • CWE-502: Deserialization of Untrusted Data •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2004-1000
https://notcve.org/view.php?id=CVE-2004-1000
10 Jan 2004 — lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local users to delete arbitrary files or directories via a symlink attack. • http://secunia.com/advisories/13771 •