CVE-2018-13259 log

Source
Severity Low
Remote No
Type Insufficient validation
Description
An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one.
Group Package Affected Fixed Severity Status Ticket
AVG-764 zsh 5.5.1-2 5.6-1 Low Fixed
Date Advisory Group Package Severity Type
24 Sep 2018 ASA-201809-3 AVG-764 zsh Low insufficient validation
References
https://bugs.debian.org/908000
https://sourceforge.net/p/zsh/code/ci/1c4c7b6a4d17294df028322b70c53803a402233d