CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
95.0%
Uscan in devscripts before 2.13.9 allows remote attackers to execute arbitrary code via a crafted tarball.
Vendor | Product | Version | CPE |
---|---|---|---|
devscripts_devel_team | devscripts | * | cpe:2.3:a:devscripts_devel_team:devscripts:*:*:*:*:*:*:*:* |
devscripts_devel_team | devscripts | 2.13.0 | cpe:2.3:a:devscripts_devel_team:devscripts:2.13.0:*:*:*:*:*:*:* |
devscripts_devel_team | devscripts | 2.13.1 | cpe:2.3:a:devscripts_devel_team:devscripts:2.13.1:*:*:*:*:*:*:* |
devscripts_devel_team | devscripts | 2.13.2 | cpe:2.3:a:devscripts_devel_team:devscripts:2.13.2:*:*:*:*:*:*:* |
devscripts_devel_team | devscripts | 2.13.3 | cpe:2.3:a:devscripts_devel_team:devscripts:2.13.3:*:*:*:*:*:*:* |
devscripts_devel_team | devscripts | 2.13.4 | cpe:2.3:a:devscripts_devel_team:devscripts:2.13.4:*:*:*:*:*:*:* |
devscripts_devel_team | devscripts | 2.13.5 | cpe:2.3:a:devscripts_devel_team:devscripts:2.13.5:*:*:*:*:*:*:* |
devscripts_devel_team | devscripts | 2.13.6 | cpe:2.3:a:devscripts_devel_team:devscripts:2.13.6:*:*:*:*:*:*:* |
devscripts_devel_team | devscripts | 2.13.7 | cpe:2.3:a:devscripts_devel_team:devscripts:2.13.7:*:*:*:*:*:*:* |
anonscm.debian.org/gitweb/?p=collab-maint/devscripts.git%3Ba=commitdiff%3Bh=02c6850d973e3e1246fde72edab27f03d63acc52
marc.info/?l=oss-security&m=138900586911271&w=2
secunia.com/advisories/56192
secunia.com/advisories/56579
www.debian.org/security/2014/dsa-2836
www.securityfocus.com/bid/64656
www.ubuntu.com/usn/USN-2084-1
exchange.xforce.ibmcloud.com/vulnerabilities/90107