Devscripts Devel Team: >> Devscripts >> 2.13.1 Security Vulnerabilities
scripts/licensecheck.pl in devscripts before 2.15.7 allows local users to execute arbitrary shell commands.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-09-25
Argument injection vulnerability in devscripts before 2.15.7 allows remote attackers to write to arbitrary files via a crafted symlink and crafted filename.
CVSS Score
7.5
EPSS Score
0.008
Published
2017-09-06
Uscan in devscripts before 2.13.9 allows remote attackers to execute arbitrary code via a crafted tarball.
CVSS Score
7.5
EPSS Score
0.029
Published
2014-01-07
The get_main_source_dir function in scripts/uscan.pl in devscripts before 2.13.8, when using USCAN_EXCLUSION, allows remote attackers to execute arbitrary commands via shell metacharacters in a directory name.
CVSS Score
6.8
EPSS Score
0.008
Published
2013-12-13
Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl code via crafted pathnames on distribution servers for upstream source code used in Debian GNU/Linux packages.
CVSS Score
9.3
EPSS Score
0.009
Published
2009-09-04