CVE-2016-10714

Published: 27 February 2018

In zsh before 5.3, an off-by-one error resulted in undersized buffers that were intended to support PATH_MAX characters.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
zsh
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 16.04 ESM (Xenial Xerus)
Released (5.1.1-1ubuntu2.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [5.0.2-3ubuntu6.1])