suse · CVE-2018-1100

Quick triage

Priority: high Published: 2021-05-30 14:06:52 UTC Updated: 2026-04-17 15:44:12 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2018-1100 severity important: SUSE including 246 source package names (amazon/suse-sles-15-sp1-chost-byos-v20210304-hvm-ssd-x86_64, amazon/suse-sles-15-sp1-chost-byos-v20220127-hvm-ssd-x86_64, …), 306 product×package rows across 68 product lines (HPE Helion OpenStack 8, Image SLES12-SP5-Azure-BYOS, … (68 product lines)): Known Affected 231, Fixed 54, Known Not Affected 21.

Description:

zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user.

cvelogic Threat Intelligence