Vulnerabilities > GNU > Bash > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-05 | CVE-2022-3715 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. | 7.8 |
2019-11-28 | CVE-2019-18276 | Improper Check for Dropped Privileges vulnerability in multiple products An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. | 7.8 |
2019-06-18 | CVE-2012-6711 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. | 7.8 |
2019-03-22 | CVE-2019-9924 | Missing Authorization vulnerability in multiple products rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell. | 7.2 |
2017-01-19 | CVE-2016-7543 | Improper Input Validation vulnerability in multiple products Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables. | 8.4 |