In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.
Advisories
Source ID Title
Debian DLA Debian DLA DLA-1856-1 patch security update
Debian DSA Debian DSA DSA-4489-1 patch security update
EUVD EUVD EUVD-2019-5064 In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.
Ubuntu USN Ubuntu USN USN-4071-1 Patch vulnerabilities
Ubuntu USN Ubuntu USN USN-4071-2 Patch vulnerabilities
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Wed, 16 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.05069}

epss

{'score': 0.05201}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-04T23:57:39.470Z

Reserved: 2019-07-17T00:00:00

Link: CVE-2019-13636

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-07-17T21:15:11.797

Modified: 2024-11-21T04:25:24.703

Link: CVE-2019-13636

cve-icon Redhat

Severity : Moderate

Publid Date: 2019-07-24T00:00:00Z

Links: CVE-2019-13636 - Bugzilla

cve-icon OpenCVE Enrichment

No data.