VDB
CVE-2014-2906
CVE-2014-2906
PUBLISHED
CVSS 7 HIGH
The psub function in fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly create temporary files, which allows local users to execute arbitrary commands via a temporary file with a predictable name.
EPSS 0.11% · 29.0th percentile
Risk Scores
CVSS 3.1
7
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.11%
29.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| fishshell | fish | 1.16.0 |
Exploit Intelligence
Timeline
- Sep 24, 2019 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score