CVE Vulnerabilities

CVE-2016-10714

Published: Feb 27, 2018 | Modified: Jun 11, 2019
CVSS 3.x
9.8
CRITICAL
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
3.3 LOW
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Ubuntu
MEDIUM

In zsh before 5.3, an off-by-one error resulted in undersized buffers that were intended to support PATH_MAX characters.

Affected Software

Name Vendor Start Version End Version
Zsh Zsh * 5.3 (excluding)
Zsh Ubuntu artful *
Zsh Ubuntu esm-infra/xenial *
Zsh Ubuntu trusty *
Zsh Ubuntu xenial *

References