Vulnerabilities > Devscripts Devel Team
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-25 | CVE-2015-5704 | Command Injection vulnerability in multiple products scripts/licensecheck.pl in devscripts before 2.15.7 allows local users to execute arbitrary shell commands. | 7.2 |
| 2017-09-06 | CVE-2015-5705 | Link Following vulnerability in multiple products Argument injection vulnerability in devscripts before 2.15.7 allows remote attackers to write to arbitrary files via a crafted symlink and crafted filename. | 5.0 |
| 2014-02-05 | CVE-2014-1833 | Path Traversal vulnerability in Devscripts Devel Team Devscripts 2.14.1 Directory traversal vulnerability in uupdate in devscripts 2.14.1 allows remote attackers to modify arbitrary files via a crafted .orig.tar file, related to a symlink. | 5.0 |
| 2013-12-14 | CVE-2013-7085 | Improper Input Validation vulnerability in Devscripts Devel Team Devscripts 2.13.5 Uscan in devscripts 2.13.5, when USCAN_EXCLUSION is enabled, allows remote attackers to delete arbitrary files via a whitespace character in a filename. | 5.8 |
| 2012-10-01 | CVE-2012-2242 | Improper Input Validation vulnerability in Devscripts Devel Team Devscripts scripts/dget.pl in devscripts before 2.10.73 allows remote attackers to execute arbitrary commands via a crafted (1) .dsc or (2) .changes file, related to "arguments to external commands" that are not properly escaped, a different vulnerability than CVE-2012-2240. | 6.8 |
| 2012-10-01 | CVE-2012-2240 | Improper Input Validation vulnerability in Devscripts Devel Team Devscripts scripts/dscverify.pl in devscripts before 2.12.3 allows remote attackers to execute arbitrary commands via unspecified vectors related to "arguments to external commands." | 7.5 |
| 2009-09-04 | CVE-2009-2946 | Unspecified vulnerability in Devscripts Devel Team Devscripts Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl code via crafted pathnames on distribution servers for upstream source code used in Debian GNU/Linux packages. | 9.3 |