Vulnerabilities > ZSH > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-03-09 CVE-2018-1071 Stack-based Buffer Overflow vulnerability in multiple products
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd() function.
local
low complexity
zsh debian canonical redhat CWE-121
5.5
2018-02-27 CVE-2018-7549 Improper Input Validation vulnerability in multiple products
In params.c in zsh through 5.4.2, there is a crash during a copy of an empty hash table, as demonstrated by typeset -p.
network
low complexity
zsh redhat canonical CWE-20
5.0
2007-12-04 CVE-2007-6209 Permissions, Privileges, and Access Controls vulnerability in ZSH 4.3.4
Util/difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
local
low complexity
linux zsh CWE-264
4.6