VIR Vulnerability Intelligence Relay

CVE-2013-6888

high
Published 2014-01-07 · Modified 2026-04-29
CVSS v3
CVSS v2
7.5
VIR risk
7.5

Description

Uscan in devscripts before 2.13.9 allows remote attackers to execute arbitrary code via a crafted tarball.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2013-6888

OS impact
OSVersionStatusFixed in
debian debianbookwormfixed2.13.9
debian debianbullseyefixed2.13.9
debian debianforkyfixed2.13.9
debian debiansidfixed2.13.9
debian debiantrixiefixed2.13.9

Application impact
VendorProductVersionsFixed
devscripts_devel_teamdevscripts{"endIncluding":"2.13.8"}
devscripts_devel_teamdevscripts2.13.0
devscripts_devel_teamdevscripts2.13.1
devscripts_devel_teamdevscripts2.13.2
devscripts_devel_teamdevscripts2.13.3
devscripts_devel_teamdevscripts2.13.4
devscripts_devel_teamdevscripts2.13.5
devscripts_devel_teamdevscripts2.13.6
devscripts_devel_teamdevscripts2.13.7

References

Verify integrity in audit chain (admin only). AS-IS.