Filtered by vendor Redhat
Subscriptions
Filtered by product Pdrive Lightspeed
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-44604 | 1 Redhat | 6 Enterprise Linux, Hummingbird, Openshift and 3 more | 2026-05-28 | 7 High |
| A command injection vulnerability was discovered in the `rpmuncompress` utility of RPM. When extracting certain archive formats (ZIP, 7z, GEM) to a specified destination directory, the tool inserts the archive's top-level folder name into a shell command without properly sanitizing it. A specially crafted archive containing shell metacharacters in its folder name can execute arbitrary commands as the user running the extraction. | ||||
Page 1 of 1.