Vulnerabilities > ZSH > High

DATE CVE VULNERABILITY TITLE RISK
2022-02-14 CVE-2021-45444 In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument.
local
low complexity
zsh fedoraproject debian apple
7.8
2020-02-24 CVE-2019-20044 Improper Check for Dropped Privileges vulnerability in multiple products
In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option.
local
low complexity
zsh fedoraproject debian apple CWE-273
7.8
2018-09-05 CVE-2018-13259 Improper Input Validation vulnerability in multiple products
An issue was discovered in zsh before 5.6.
network
low complexity
canonical zsh CWE-20
7.5
2018-09-05 CVE-2018-0502 Improper Input Validation vulnerability in multiple products
An issue was discovered in zsh before 5.6.
network
low complexity
canonical zsh CWE-20
7.5
2018-04-11 CVE-2018-1100 Classic Buffer Overflow vulnerability in multiple products
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function.
local
low complexity
zsh canonical redhat CWE-120
7.8
2018-03-28 CVE-2018-1083 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality.
local
low complexity
zsh canonical debian redhat CWE-119
7.8
2018-02-27 CVE-2018-7548 NULL Pointer Dereference vulnerability in multiple products
In subst.c in zsh through 5.4.2, there is a NULL pointer dereference when using ${(PA)...} on an empty array result.
network
low complexity
zsh canonical CWE-476
7.5
2018-02-27 CVE-2017-18206 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In utils.c in zsh before 5.4, symlink expansion had a buffer overflow.
network
low complexity
zsh canonical CWE-119
7.5
2018-02-27 CVE-2016-10714 Numeric Errors vulnerability in multiple products
In zsh before 5.3, an off-by-one error resulted in undersized buffers that were intended to support PATH_MAX characters.
network
low complexity
zsh canonical CWE-189
7.5
2018-02-27 CVE-2014-10071 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In exec.c in zsh before 5.0.7, there is a buffer overflow for very long fds in the ">& fd" syntax.
network
low complexity
zsh canonical CWE-119
7.5