Debian: >> Lintian >> 1.23.13 Security Vulnerabilities
Lintian before 2.5.12 allows remote attackers to gather information about the "host" system using crafted symlinks.
CVSS Score
6.3
EPSS Score
0.008
Published
2019-11-07
Deserialization vulnerability in lintian through 2.5.50.3 allows attackers to trigger code execution by requesting a review of a source package with a crafted YAML file.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-05-08
Multiple directory traversal vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to overwrite arbitrary files or obtain sensitive information via vectors involving (1) control field names, (2) control field values, and (3) control files of patch systems.
CVSS Score
9.8
EPSS Score
0.008
Published
2010-02-02
Multiple format string vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to have an unspecified impact via vectors involving (1) check scripts and (2) the Lintian::Schedule module.
CVSS Score
7.5
EPSS Score
0.02
Published
2010-02-02
Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allows remote attackers to execute arbitrary commands via shell metacharacters in filename arguments.
CVSS Score
7.5
EPSS Score
0.012
Published
2010-02-02