Your submission was sent successfully! Close

CVE-2018-0502

Published: 5 September 2018

An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
zsh
Launchpad, Ubuntu, Debian
bionic
Released (5.4.2-3ubuntu3.1)
precise Does not exist

trusty Does not exist
(trusty was released [5.0.2-3ubuntu6.3])
upstream
Released (5.6-1)
xenial
Released (5.1.1-1ubuntu2.3)
Patches:
other: https://sourceforge.net/p/zsh/code/ci/1c4c7b6a4d17294df028322b70c53803a402233d