Vulnerabilities > Pacman Project

DATE	CVE	VULNERABILITY TITLE	RISK
2020-02-24	CVE-2019-18183	OS Command Injection vulnerability in multiple products pacman before 5.2 is vulnerable to arbitrary command injection in lib/libalpm/sync.c in the apply_deltas() function. network low complexity pacman-project fedoraproject CWE-78 critical	9.8
2020-02-24	CVE-2019-18182	OS Command Injection vulnerability in multiple products pacman before 5.2 is vulnerable to arbitrary command injection in conf.c in the download_with_xfercommand() function. network low complexity pacman-project fedoraproject CWE-78 critical	9.8
2019-03-11	CVE-2019-9686	Path Traversal vulnerability in Pacman Project Pacman pacman before 5.1.3 allows directory traversal when installing a remote package via a specified URL "pacman -U <url>" due to an unsanitized file name received from a Content-Disposition header. network pacman-project CWE-22 critical	9.3
2017-01-30	CVE-2016-5434	Resource Management Errors vulnerability in Pacman Project Pacman 5.0.1 libalpm, as used in pacman 5.0.1, allows remote attackers to cause a denial of service (infinite loop or out-of-bounds read) via a crafted signature file. network pacman-project CWE-399	7.1

Vulnerabilities > Pacman Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Pacman Project"}]}