EPSS
Percentile
79.5%
zsh is vulnerable to Improper Input Validation. The library does not properly handle the beginning of a #! in script file which may potentially lead to execve call to a program named on the second line.
bugs.debian.org/908000
lists.debian.org/debian-lts-announce/2020/12/msg00000.html
security-tracker.debian.org/tracker/CVE-2018-0502
security.gentoo.org/glsa/201903-02
sourceforge.net/p/zsh/code/ci/1c4c7b6a4d17294df028322b70c53803a402233d
usn.ubuntu.com/3764-1/
www.zsh.org/mla/zsh-announce/136