« List of all CVEs

CVE-2014-0475

Published: 7/29/2014 Last updated: 8/6/2024 Reserved: 12/19/2013

Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable.

CNA assigner: debian (79363d38-fa19-49d1-9214-5f28da3f3ac5) Requested by: n/a

Opam packages affected (1)

gettext-stub

Products affected (1)

Product Vendor Version
n/a n/a < ad673e514b2793b8d5902f6ba6ab7e890dea23d5

References (20)