Patch
Sign in to watchby GNU
CVEs (3)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-1395 | Hig | 0.49 | 7.5 | 0.04 | Aug 25, 2017 | Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name. | |
| CVE-2014-9637 | Med | 0.36 | 5.5 | 0.00 | Aug 25, 2017 | GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file. | |
| CVE-2015-1196 | 0.00 | — | 0.01 | Jan 21, 2015 | GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file. |