Vulnerabilities > GNU > Bash > 4.3.30

DATE CVE VULNERABILITY TITLE RISK
2019-11-28 CVE-2019-18276 Improper Check for Dropped Privileges vulnerability in multiple products
An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11.
local
low complexity
gnu netapp oracle CWE-273
7.8
7.8
2019-03-22 CVE-2019-9924 Missing Authorization vulnerability in multiple products
rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.
local
low complexity
gnu debian opensuse netapp canonical CWE-862
7.8
7.8
2017-01-23 CVE-2016-9401 Use After Free vulnerability in multiple products
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.
local
low complexity
gnu debian redhat CWE-416
5.5
5.5