Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-25817HistoryMar 06, 2024 - 12:15 a.m.
CVE-2024-25817
2024-03-0600:15:52
Debian Security Bug Tracker
security-tracker.debian.org
12
cve-2024-25817
vulnerability
buffer overflow
eza
local attackers
arbitrary code
.git/head
.git/refs
.git/objects
unix
CVSS3
8.4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
8.1
Confidence
Low
EPSS
0
Percentile
9.0%
Buffer Overflow vulnerability in eza before version 0.18.2, allows local attackers to execute arbitrary code via the .git/HEAD, .git/refs, and .git/objects components.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 999 | all | rust-eza | < 0.18.2-1 | rust-eza_0.18.2-1_all.deb |
| Debian | 13 | all | rust-eza | < 0.18.2-1 | rust-eza_0.18.2-1_all.deb |
Related
vulnrichment
vulnrichment
CVE-2024-25817
2024-03-05 00:00:00
cvelist
cvelist
CVE-2024-25817
2024-03-05 00:00:00
github
github
eza Potential Heap Overflow Vulnerability for AArch64
2024-02-08 18:47:28
prion
prion
Buffer overflow
2024-03-06 00:15:00
cve
cve
CVE-2024-25817
2024-03-06 00:15:52
nvd
nvd
CVE-2024-25817
2024-03-06 00:15:52
osv
osv
eza Potential Heap Overflow Vulnerability for AArch64
2024-02-08 18:47:28
ubuntucve
ubuntucve
CVE-2024-25817
2024-03-06 00:00:00
CVSS3
8.4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
8.1
Confidence
Low
EPSS
0
Percentile
9.0%
Related for DEBIANCVE:CVE-2024-25817