Devscripts Devel Team: >> Devscripts Security Vulnerabilities
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to obtain system information and execute arbitrary code via the file name in a (1) .dsc or (2) .changes file.
CVSS Score
9.3
EPSS Score
0.045
Published
2012-06-16
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via a crafted tarball file name in the top-level directory of an original (.orig) source tarball of a source package.
CVSS Score
9.3
EPSS Score
0.107
Published
2012-06-16
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via shell metacharacters in the file name argument.
CVSS Score
9.3
EPSS Score
0.107
Published
2012-06-16
Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl code via crafted pathnames on distribution servers for upstream source code used in Debian GNU/Linux packages.
CVSS Score
9.3
EPSS Score
0.009
Published
2009-09-04
Page 2