网安资讯详情 - SecLens 情报雷达

网安资讯,一网打尽。汇集权威漏洞通告与行业要闻,结合分组浏览、智能过滤、RSS订阅 和 Webhook 推送,多通道拓展您的安全情报视野。

USN-8372-1: age vulnerability

来源: ubuntu_security_notice · 发布时间 2026-06-03 00:24 (UTC+08:00) · 抓取时间 2026-06-03 01:35 (UTC+08:00)

原文链接

摘要

age could be made to crash or run programs as your login if it opened a specially crafted file.

正文

It was discovered that age did not properly validate plugin names. An attacker could possibly use this issue to cause execution of an arbitrary program by supplying a crafted recipient or identity string.

标签

扩展字段

{
  "cve_ids": [
    "CVE-2024-56327"
  ],
  "guid": "https://ubuntu.com/security/notices/USN-8372-1",
  "instructions": "In general, a standard system update will make all the necessary changes.",
  "raw_pub_date": "Tue, 02 Jun 2026 16:24:33 +0000",
  "release_packages": {
    "noble": [
      {
        "description": "A simple, modern and secure file encryption tool, format, and Go library.",
        "is_source": true,
        "name": "age",
        "version": "1.1.1-1ubuntu0.24.04.3+esm1"
      },
      {
        "is_source": false,
        "is_visible": true,
        "name": "age",
        "pocket": "esm-apps",
        "source_link": "https://launchpad.net/ubuntu/+source/age",
        "version": "1.1.1-1ubuntu0.24.04.3+esm1",
        "version_link": null
      },
      {
        "is_source": false,
        "is_visible": true,
        "name": "golang-filippo-age-dev",
        "pocket": "esm-apps",
        "source_link": "https://launchpad.net/ubuntu/+source/age",
        "version": "1.1.1-1ubuntu0.24.04.3+esm1",
        "version_link": null
      }
    ]
  },
  "releases": [
    {
      "codename": "noble",
      "support_tag": "LTS",
      "version": "24.04"
    }
  ]
}