CVE-2024-41815

CVSS 3.1 Score 7.4 of 10 (high)

Details

Published Jul 26, 2024

Updated: Jul 29, 2024

CWE ID 77

Summary

CVE-2024-41815 is a vulnerability affecting Starship, a cross-shell prompt used in bash environments. Versions prior to 1.20.0 contain unpredictable shell expansion and quoting rules, which can lead to accidental shell injection when using custom commands. The impact is limited to users with custom commands, and exploitation requires knowledge of those commands. This issue has been addressed in version 1.20.0.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Starship

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/xLALvJ
https://www.cve.org/CVERecord?id=CVE-2024-41815
https://nvd.nist.gov/vuln/detail/CVE-2024-41815

Back to Vulnerability Database

CVE-2024-41815

CVSS 3.1 Score 7.4 of 10 (high)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations