threat
engine
.sh
Back
·
··:··
Home
/
Product
/
zsh
Product
zsh
16 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2021-45444
< 5.8.1
In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by
7.8
HIGH
CVE-2019-20044
< 5.8
In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to ov
7.8
HIGH
CVE-2018-13259
< 5.6
An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve
9.8
CRITICAL
CVE-2018-0502
< 5.6
An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call
9.8
CRITICAL
CVE-2018-1100
<= 5.4.2
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker c
7.8
HIGH
CVE-2018-1083
<= 5.4.1
Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged u
7.8
HIGH
CVE-2018-1071
<= 5.4.2
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd() function. A local attacker could
5.5
MEDIUM
CVE-2018-7549
<= 5.4.2
In params.c in zsh through 5.4.2, there is a crash during a copy of an empty hash table, as demonstrated by typeset -p.
7.5
HIGH
CVE-2018-7548
<= 5.4.2
In subst.c in zsh through 5.4.2, there is a NULL pointer dereference when using ${(PA)...} on an empty array result.
9.8
CRITICAL
CVE-2017-18206
< 5.4
In utils.c in zsh before 5.4, symlink expansion had a buffer overflow.
9.8
CRITICAL
CVE-2017-18205
< 5.4
In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the c
8.1
HIGH
CVE-2016-10714
< 5.3
In zsh before 5.3, an off-by-one error resulted in undersized buffers that were intended to support PATH_MAX characters.
9.8
CRITICAL
CVE-2014-10072
< 5.0.6
In utils.c in zsh before 5.0.6, there is a buffer overflow when scanning very long directory paths for symbolic links.
9.8
CRITICAL
CVE-2014-10071
< 5.0.7
In exec.c in zsh before 5.0.7, there is a buffer overflow for very long fds in the ">& fd" syntax.
9.8
CRITICAL
CVE-2014-10070
<= 5.0.6
zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment (instead of treating t
7.8
HIGH
CVE-2007-6209
all versions
Util/difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin