Total vulnerabilities in the database
Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via deeply nested for loops, aka the "word_lineno" issue.
| Software | From | Fixed in |
|---|---|---|
| gnu / bash | 4.0-rc1 | 4.0-rc1.x |
| gnu / bash | 4.3 | 4.3.x |
| gnu / bash | 3.2.48 | 3.2.48.x |
| gnu / bash | 1.14.3 | 1.14.3.x |
| gnu / bash | 4.1 | 4.1.x |
| gnu / bash | 2.05-a | 2.05-a.x |
| gnu / bash | 2.05-b | 2.05-b.x |
| gnu / bash | 2.05 | 2.05.x |
| gnu / bash | 1.14.1 | 1.14.1.x |
| gnu / bash | 3.0 | 3.0.x |
| gnu / bash | 2.01 | 2.01.x |
| gnu / bash | 2.04 | 2.04.x |
| gnu / bash | 2.0 | 2.0.x |
| gnu / bash | 2.01.1 | 2.01.1.x |
| gnu / bash | 1.14.7 | 1.14.7.x |
| gnu / bash | 3.1 | 3.1.x |
| gnu / bash | 1.14.6 | 1.14.6.x |
| gnu / bash | 1.14.2 | 1.14.2.x |
| gnu / bash | 4.0 | 4.0.x |
| gnu / bash | 1.14.4 | 1.14.4.x |
| gnu / bash | 4.2 | 4.2.x |
| gnu / bash | 2.02.1 | 2.02.1.x |
| gnu / bash | 3.0.16 | 3.0.16.x |
| gnu / bash | 1.14.5 | 1.14.5.x |
| gnu / bash | 1.14.0 | 1.14.0.x |
| gnu / bash | 2.02 | 2.02.x |
| gnu / bash | 3.2 | 3.2.x |
| gnu / bash | 2.03 | 2.03.x |