Devscripts Devel Team Devscripts — known CVE vulnerabilities
Every CVE whose affected-product data names Devscripts Devel Team Devscripts, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2009-2946 — CVSS 9.3 (critical): Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl code via…
CVE-2012-0211 — CVSS 9.3 (critical): debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via a crafted…
CVE-2012-0212 — CVSS 9.3 (critical): debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via shell…
CVE-2012-0210 — CVSS 9.3 (critical): debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to obtain system information and execute…
CVE-2015-5704 — CVSS 7.8 (high): scripts/licensecheck.pl in devscripts before 2.15.7 allows local users to execute arbitrary shell commands.
CVE-2015-5705 — CVSS 7.5 (high): Argument injection vulnerability in devscripts before 2.15.7 allows remote attackers to write to arbitrary files via a crafted symlink and…
CVE-2012-2240 — CVSS 7.5 (high): scripts/dscverify.pl in devscripts before 2.12.3 allows remote attackers to execute arbitrary commands via unspecified vectors related to…
CVE-2013-6888 — CVSS 7.5 (high): Uscan in devscripts before 2.13.9 allows remote attackers to execute arbitrary code via a crafted tarball.
CVE-2013-7050 — CVSS 6.8 (medium): The get_main_source_dir function in scripts/uscan.pl in devscripts before 2.13.8, when using USCAN_EXCLUSION, allows remote attackers to…
CVE-2012-2242 — CVSS 6.8 (medium): scripts/dget.pl in devscripts before 2.10.73 allows remote attackers to execute arbitrary commands via a crafted (1) .dsc or (2) .changes…
CVE-2013-7085 — CVSS 5.8 (medium): Uscan in devscripts 2.13.5, when USCAN_EXCLUSION is enabled, allows remote attackers to delete arbitrary files via a whitespace character…
CVE-2012-2241 — CVSS 5.0 (medium): scripts/dget.pl in devscripts before 2.12.3 allows remote attackers to delete arbitrary files via a crafted (1) .dsc or (2) .changes file…
CVE-2014-1833 — CVSS 5.0 (medium): Directory traversal vulnerability in uupdate in devscripts 2.14.1 allows remote attackers to modify arbitrary files via a crafted .orig.tar…
CVE-2012-3500 — CVSS 1.2 (low): scripts/annotate-output.sh in devscripts before 2.12.2, as used in rpmdevtools before 8.3, allows local users to modify arbitrary files via…