← Retour aux CVEs
CVE-2026-35343
LOW3.3
Description
The cut utility in uutils coreutils incorrectly handles the -s (only-delimited) option when a newline character is specified as the delimiter. The implementation fails to verify the only_delimited flag in the cut_fields_newline_char_delim function, causing the utility to print non-delimited lines that should have been suppressed. This can lead to unexpected data being passed to downstream scripts that rely on strict output filtering.
Details CVE
Score CVSS v3.13.3
SeveriteLOW
Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Vecteur d'attaqueLOCAL
ComplexiteLOW
Privileges requisLOW
Interaction utilisateurNONE
Publie4/22/2026
Derniere modification4/22/2026
Sourcenvd
Observations honeypot0
Faiblesses (CWE)
CWE-670
References
https://github.com/uutils/coreutils/pull/11143(security@ubuntu.com)
https://github.com/uutils/coreutils/releases/tag/0.7.0(security@ubuntu.com)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.