Root cause: unvalidated
The vulnerability exists in the initialize_shell_variables() function in variables.c. Tension: parse_and_execute() does not validate that the string contains ONLY a function definition. Outcome: it continues parsing and executing any shell commands after the function definition's closing brace.
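A heuristic form of the missing check, as an added example (not bash's code and not its actual patch): it classifies an environment value beginning with `() {` by whether anything other than whitespace follows the function body's closing brace. The function and enum names are hypothetical, and the brace matcher tracks only quotes and backslash escapes, so it approximates shell grammar rather than implementing it.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names; a heuristic, not bash's parser or its fix. */
enum funcdef_class { NOT_FUNCDEF, FUNCDEF_ONLY, FUNCDEF_TRAILING, FUNCDEF_UNTERMINATED };

/* Classify one environment value the way the missing check would need to:
 * does it hold ONLY a function definition, or is there text after the
 * body's closing brace? Tracks quotes and backslash escapes only. */
enum funcdef_class classify_env_value(const char *v)
{
    if (strncmp(v, "() {", 4) != 0)
        return NOT_FUNCDEF;

    int depth = 0;
    char quote = 0;
    const char *p = v + 3;              /* points at the opening '{' */
    for (; *p; p++) {
        char c = *p;
        if (quote) {
            if (c == '\\' && quote == '"' && p[1]) p++;  /* escape inside "..." */
            else if (c == quote) quote = 0;
            continue;
        }
        if (c == '\\' && p[1]) { p++; continue; }
        if (c == '\'' || c == '"') { quote = c; continue; }
        if (c == '{') depth++;
        else if (c == '}' && --depth == 0) { p++; break; }  /* body closed */
    }
    if (depth != 0)
        return FUNCDEF_UNTERMINATED;

    while (isspace((unsigned char)*p)) p++;
    return *p ? FUNCDEF_TRAILING : FUNCDEF_ONLY;
}

/* Report variables in this process's environment that carry trailing text. */
int main(void)
{
    extern char **environ;
    for (char **e = environ; *e; e++) {
        const char *eq = strchr(*e, '=');
        if (eq && classify_env_value(eq + 1) == FUNCDEF_TRAILING)
            printf("trailing text after function body: %.*s\n", (int)(eq - *e), *e);
    }
    return 0;
}
```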