{ "schema_version": "1.4.0", "id": "GHSA-hwmp-fjcm-wrhx", "modified": "2025-04-11T03:58:28Z", "published": "2022-05-04T00:28:51Z", "aliases": [ "CVE-2012-0211" ], "details": "debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via a crafted tarball file name in the top-level directory of an original (.orig) source tarball of a source package.", "severity": [], "affected": [], "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0211" }, { "type": "WEB", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73216" }, { "type": "WEB", "url": "http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git%3Ba=commitdiff%3Bh=87f88232eb643f0c118c6ba38db8e966915b450f" }, { "type": "WEB", "url": "http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git%3Ba=commitdiff%3Bh=9cbe605d3eab4f9e67525f69b676c55b273b7a03" }, { "type": "WEB", "url": "http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git;a=commitdiff;h=87f88232eb643f0c118c6ba38db8e966915b450f" }, { "type": "WEB", "url": "http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git;a=commitdiff;h=9cbe605d3eab4f9e67525f69b676c55b273b7a03" }, { "type": "WEB", "url": "http://secunia.com/advisories/47955" }, { "type": "WEB", "url": "http://secunia.com/advisories/48039" }, { "type": "WEB", "url": "http://ubuntu.com/usn/usn-1366-1" }, { "type": "WEB", "url": "http://www.debian.org/security/2012/dsa-2409" }, { "type": "WEB", "url": "http://www.osvdb.org/79320" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/52029" } ], "database_specific": { "cwe_ids": [ "CWE-20" ], "severity": "HIGH", "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2012-06-16T00:55:00Z" } }