Red Hat has been made aware of a vulnerability affecting all versions of the bash package as shipped with Red Hat products. This vulnerability CVE-2014-6271 could allow for arbitrary code execution. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue. Update: 2014-09-30 18:00 UTC Two new flaws have been repo
![Bash Code Injection Vulnerability via Specially Crafted Environment Variables (CVE-2014-6271, CVE-2014-7169) - Red Hat Customer Portal](https://cdn-ak-scissors.b.st-hatena.com/image/square/3108d3d39d44b30ca4891c7cf9161910927d3fdb/height=288;version=1;width=512/https%3A%2F%2Faccess.redhat.com%2Fwebassets%2Favalon%2Fg%2Fshadowman-200.png)