CVE-2021-45444

Source
https://cve.org/CVERecord?id=CVE-2021-45444
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-45444.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-45444
Published
2022-02-14T12:15:15.750Z
Modified
2026-02-17T00:27:51.036739Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
[none]
Details

In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansion.

References

Affected packages

Git / github.com/keybase/client

Affected ranges

Type
GIT
Repo
https://github.com/keybase/client
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

0.*
0.1.1
0.1.2
0.1.3
0.1.4
0.1.5
0.1.6
0.1.7
0.1.8
0.8.1
1.*
1.0.0-28
Other
dummy-build
help
trailing-comma-after
trailing-comma-before
v1.*
v1.0.0-14
v1.0.0-15
v1.0.0-16
v1.0.0-17
v1.0.0-18
v1.0.0-19
v1.0.0-20
v1.0.0-21
v1.0.0-22
v1.0.0-23
v1.0.0-24
v1.0.0-25
v1.0.0-27
v1.0.0-28
v1.0.0-29
v1.0.0-29a
v1.0.0-29b
v1.0.0-29c
v1.0.0-29d
v1.0.0-29e
v1.0.0-29f
v1.0.0-29g
v1.0.0-30
v1.0.0-31
v1.0.0-32
v1.0.0-34
v1.0.0-35
v1.0.0-36
v1.0.0-37
v1.0.0-38
v1.0.0-39
v1.0.0-40
v1.0.0-41
v1.0.0-42
v1.0.0-43
v1.0.0-44
v1.0.0-45
v1.0.0-46
v1.0.0-47
v1.0.0-beta.1
v1.0.0-beta.8
v1.0.1-0
v1.0.10-0
v1.0.12-0
v1.0.13-0
v1.0.14-0
v1.0.14-1
v1.0.15
v1.0.16
v1.0.17
v1.0.18
v1.0.19
v1.0.2-0
v1.0.20
v1.0.21
v1.0.22
v1.0.27
v1.0.28
v1.0.29
v1.0.3-0
v1.0.30
v1.0.31
v1.0.33
v1.0.34
v1.0.36
v1.0.39
v1.0.4-0
v1.0.4-4
v1.0.40
v1.0.41
v1.0.43
v1.0.44
v1.0.46
v1.0.47
v1.0.48
v1.0.5-0
v1.0.5-1
v1.0.5-2
v1.0.5-4
v1.0.5-5
v1.0.5-6
v1.0.5-6-windows
v1.0.5-7-windows
v1.0.6-0
v1.0.6-0-windows
v1.0.6-1
v1.0.6-1-windows
v1.0.7-0
v1.0.7-0-windows
v1.0.8-0
v1.0.8-0-windows
v1.0.9-0
v1.0.9-1
v2.*
v2.0.0
v2.1.0
v2.3.0
v2.5.0
v2.6.0
v2.7.0
v2.8.0
v2.9.0
v5.*
v5.8.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-45444.json"