bash (SUSE:Linux Enterprise Software Development Kit 11 SP4) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Software Development Kit 11 SP4 package bash, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2016-7543 — CVSS 8.4 (high): Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables.
CVE-2016-0634 — CVSS 7.5 (high): The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters…
CVE-2016-9401 — CVSS 5.5 (medium): popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.