Zsh 5.5.1

CPE Details

Zsh 5.5.1
zsh
zsh
5.5.1
2019-06-11
13h51 +00:00
2019-06-11
13h51 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:zsh:zsh:5.5.1:-:*:*:*:*:*:*

Informations

Vendor

zsh

Product

zsh

Version

5.5.1

Update

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-45444 2022-02-13 04h32 +00:00 In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansion.
7.8
High
CVE-2019-20044 2020-02-24 12h09 +00:00 In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the original privileges can be restored by executing MODULE_PATH=/dir/with/module zmodload with a module that calls setuid().
7.8
High
CVE-2018-0502 2018-09-05 05h00 +00:00 An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line.
9.8
Critical
CVE-2018-13259 2018-09-05 05h00 +00:00 An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one.
9.8
Critical