CVE-2019-13636
Published
CVSS v3
N/A
CVSS v2
5.8
MEDIUM
Affected
1
PROJECT
Description
In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.
The GNU patch utility was prone vulnerable to multiple attacks through version 2.7.6. You can find my related PoC files here.
GitHub