公告ID: KYLIN-2019-13638
安全等级: 中等
产品: Kylin V3
发布日期: 2019年7月29日
CVE: CVE-2019-13638
CVSS3评分: 5.3
概述:
None 描述:
GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156. 系统版本:
KYLIN 3.0.x
KYLIN 3.2.x
KYLIN 3.3.x
KYLIN 3.4.x
受影响包列表:
patch
patch
patch
patch