Affecting zsh package, versions debian:10: <5.6-1 || debian:8: * || debian:9: * || debian:unstable: <5.6-1 || ubuntu:14.04: <5.0.2-3ubuntu6.3 || ubuntu:16.04: <5.1.1-1ubuntu2.3 || ubuntu:18.04: <5.4.2-3ubuntu3.1
An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one.
Do your applications use this vulnerable package?
- Snyk ID