Debian: >> Devscripts >> 2.12.2 Security Vulnerabilities
An issue exists in uscan in devscripts before 2.13.19, which could let a remote malicious user execute arbitrary code via a crafted tarball.
CVSS Score
8.8
EPSS Score
0.005
Published
2019-12-03
scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.
CVSS Score
9.8
EPSS Score
0.013
Published
2018-07-01