CVE-2014-7817
EPSS 0.16%發布日:2014/11/24修改日:2026/4/28
描述
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))".
受影響套件(1)
- Debian/glibcfrom 0, < 2.19-14