rpm package
suse/bash&distro=SUSE Enterprise Storage 4
pkg:rpm/suse/bash&distro=SUSE%20Enterprise%20Storage%204
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-9924 | Hig | 7.8 | < 4.3-83.23.1 | 4.3-83.23.1 | Mar 22, 2019 | rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell. | |
| CVE-2016-0634 | Hig | 7.5 | < 4.3-83.10.1 | 4.3-83.10.1 | Aug 28, 2017 | The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine. | |
| CVE-2016-7543 | Hig | 8.4 | < 4.3-83.10.1 | 4.3-83.10.1 | Jan 19, 2017 | Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables. |
- affected < 4.3-83.23.1fixed 4.3-83.23.1
rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.
- affected < 4.3-83.10.1fixed 4.3-83.10.1
The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine.
- affected < 4.3-83.10.1fixed 4.3-83.10.1
Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables.