Skip to main content

Fish

3 CVEs product

Monthly

CVE-2023-49284 MEDIUM POC PATCH This Month

fish is a smart and user-friendly command line shell for macOS, Linux, and the rest of the family. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. Public exploit code available.

RCE Information Disclosure Denial Of Service Apple Fish
NVD GitHub
CVSS 3.1
6.6
EPSS
0.5%
CVE-2022-20001 HIGH PATCH This Week

fish is a command line shell. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Fish Fedora Debian Linux
NVD GitHub
CVSS 3.1
7.8
EPSS
1.4%
CVE-2014-2905 MEDIUM This Month

fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly check the credentials, which allows local users to gain privileges via the universal variable socket, related to /tmp/fishd.socket.user. Rated medium severity (CVSS 6.9). No vendor patch available.

Privilege Escalation Fish
NVD GitHub VulDB
CVSS 2.0
6.9
EPSS
0.0%
EPSS 0% CVSS 6.6
MEDIUM POC PATCH This Month

fish is a smart and user-friendly command line shell for macOS, Linux, and the rest of the family. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. Public exploit code available.

RCE Information Disclosure Denial Of Service +2
NVD GitHub
EPSS 1% CVSS 7.8
HIGH PATCH This Week

fish is a command line shell. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Fish Fedora +1
NVD GitHub
EPSS 0% CVSS 6.9
MEDIUM This Month

fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly check the credentials, which allows local users to gain privileges via the universal variable socket, related to /tmp/fishd.socket.user. Rated medium severity (CVSS 6.9). No vendor patch available.

Privilege Escalation Fish
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy