0.976 High
EPSS
Percentile
100.0%
GNU Bash versions 1.14 through 4.3 contain a flaw that processes commands placed after function definitions in the added environment variable, allowing remote attackers to execute arbitrary code via a crafted environment which enables network-based exploitation.
Original disclosure: http://www.openwall.com/lists/oss-security/2014/09/24/11
Detailed analysis by lcamtuf:
0.976 High
EPSS
Percentile
100.0%