CVE-2018-0502

Published: 05 September 2018

An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
zsh
Launchpad, Ubuntu, Debian
Upstream
Released (5.6-1)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (5.4.2-3ubuntu3.1)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (5.1.1-1ubuntu2.3)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [5.0.2-3ubuntu6.3])
Patches:
Other: https://sourceforge.net/p/zsh/code/ci/1c4c7b6a4d17294df028322b70c53803a402233d