CVE-2021-45444|In zsh before 5.8.1, an attacker can... - VULHUB开源网络安全威胁库

In zsh before 5.8.1, an attacker can... CVE-2021-45444

5.1 AV AC AU C I A

发布： 2022-02-14

修订： 2024-11-21

In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansion.

0%

漏洞利用/PoC

当前有5条漏洞利用/PoC

受影响的平台与产品

当前有22条受影响产品信息

您还没有登录，登录后可查看更多

添加资源
收藏资源
问题反馈

贡献用户

暂无贡献用户

相关漏洞清单查看更多>

Zsh是一款可用作交互式登录的shell及脚本编写的命令解释器。 Zsh... (VHN-152551)
2023-11-07
This issue was addressed by removing... (VHN-417415)
2024-11-21
An out-of-bounds write issue was... (VHN-417417)
2024-11-21
An out-of-bounds read issue was... (VHN-417366)
2024-11-21
An out-of-bounds read issue was... (VHN-417367)
2024-11-21
Apple... (VHN-417383)
2024-11-21
An out-of-bounds write issue was... (VHN-417384)
2024-11-21
An out-of-bounds write issue was... (VHN-417389)
2024-11-21
A memory initialization issue was... (VHN-417390)
2024-11-21
A memory initialization issue was... (VHN-417391)
2024-11-21