Unrated severityNVD Advisory· Published Sep 4, 2009· Updated Apr 23, 2026

CVE-2009-2946

Description

Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl code via crafted pathnames on distribution servers for upstream source code used in Debian GNU/Linux packages.

Affected products

Devscripts Devel Team/Devscripts
cpe:2.3:a:devscripts_devel_team:devscripts:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugs.debian.org/cgi-bin/bugreport.cginvd
svn.debian.org/wsvn/devscripts/trunk/scripts/uscan.plnvd
svn.debian.org/wsvn/devscripts/trunk/scripts/uscan.plnvd
www.debian.org/security/2009/dsa-1878nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000