VDB
CVE-2024-38448
CVE-2024-38448
PUBLISHED
CVSS 9.100000381469727 CRITICAL
htags in GNU Global through 6.6.12 allows code execution in situations where dbpath (aka -d) is untrusted, because shell metacharacters may be used.
EPSS 0.24% · 47.8th percentile
Risk Scores
CVSS 3.1
9.100000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
0.24%
47.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| gnu | global | 0 |
Exploit Intelligence
Timeline
- Jun 16, 2024 CVE Published
- Jun 17, 2024 EPSS Score
- Jul 10, 2024 EPSS Score
- Aug 2, 2024 EPSS Score
- Aug 2, 2024 CVE Updated
- Aug 24, 2024 EPSS Score
- Sep 16, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 9, 2024 EPSS Score
- Nov 1, 2024 EPSS Score
- Nov 24, 2024 EPSS Score
- Jan 9, 2025 EPSS Score