Zsh · Zsh · CVE-2018-7548
**Name of the Vulnerable Software and Affected Versions**
zsh versions prior to 5.4.2
**Description**
The issue arises from a NULL pointer dereference when using ${(PA)...} on an empty array result in the subst.c file of zsh.
**Recommendations**
For versions prior to 5.4.2, update to version 5.4.2 or later to resolve the issue.