CVE-2019-13636

Description

In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.

Risk Information

Base Score: 5.9 (MODERATE)
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score (Exploitation Probability): 4.407

Associated Vulnerability

Vulnerability | OS Platform
Apply a diff file to an original (USN-4071-1) patch_2.7.6-2ubuntu1.1_i386.deb | Linux
Apply a diff file to an original (USN-4071-1) patch_2.7.6-2ubuntu1.1_amd64.deb | Linux
Apply a diff file to an original (USN-4071-1) patch_2.7.6-3ubuntu0.1_i386.deb | Linux
Apply a diff file to an original (USN-4071-1) patch_2.7.6-3ubuntu0.1_amd64.deb | Linux
Apply a diff file to an original (USN-4071-1) patch_2.7.5-1ubuntu0.16.04.2_i386.deb | Linux
Apply a diff file to an original (USN-4071-1) patch_2.7.5-1ubuntu0.16.04.2_amd64.deb | Linux
patch security update (DSA-4489-1) patch_2.7.5-1+deb9u2_i386.deb | Linux
patch security update (DSA-4489-1) patch_2.7.5-1+deb9u2_amd64.deb | Linux
patch security update (DSA-4489-1) patch_2.7.6-3+deb10u1_amd64.deb | Linux
(RHSA-2020:1852) patch security and bug fix update patch-2.7.6-11.el8.x86_64.rpm | Linux
(RHSA-2020:1852) patch security and bug fix update patch-debugsource-2.7.6-11.el8.x86_64.rpm | Linux
(CESA-2020:1852) patch security and bug fix update patch-2.7.6-11.el8.x86_64.rpm | Linux
SUSE-SU-2022:1932-1 (SUSE Linux Enterprise Server 12-SP5) patch-2.7.5-8.8.1.x86_64.rpm | Linux
SUSE-SU-2022:1932-1 (SUSE Linux Enterprise Server 12-SP5) patch-debuginfo-2.7.5-8.8.1.x86_64.rpm | Linux
SUSE-SU-2022:1932-1 (SUSE Linux Enterprise Server 12-SP5) patch-debugsource-2.7.5-8.8.1.x86_64.rpm | Linux
(RHSA-2020:1852) Moderate: security and bug fix update patch-debuginfo-2.7.6-11.el8.x86_64.rpm | Linux
patch security and bug fix update (RLSA-2020:1852) patch-2.7.6-11.el8.x86_64.rpm | Linux
Patch update (ELSA-2020-1852) patch-2.7.6-11.el8.x86_64.rpm | Linux
patch Security Update (ALAS-2020-1457) patch-2.7.1-12.amzn2.0.2.x86_64.rpm | Linux
Moderate: patch security and bug fix update patch-2.7.6-11.el8.x86_64.rpm | Linux

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234