Hello, I have discovered a severe heap overflow vulnerability in Bash, which exists in both the latest and older versions. Attackers can craft payloads to elevate privileges or execute malicious code. Should I directly submit it to the CVE website, or should I send it to you? If I send it to you, can I still obtain a CVE identifier? [image: image.png]
- Bash has a stack overflow vulnerability B_M
- Re: Bash has a stack overflow vulnerability Chet Ramey
