13 matches found
Output Injection
Badkeys is vulnerable to output injection. The vulnerability is due to improper handling and sanitization of control characters in input, which allows an attacker to inject malicious content that produces misleading or manipulated command-line output when scanning DKIM keys, SSH keys, or filename...
CVE-2026-21439
badkeys is a tool and library for checking cryptographic public keys for known vulnerabilities. In versions 0.0.15 and below, an attacker may inject content with ASCII control characters like vertical tabs, ANSI escape sequences, etc., that can create misleading output of the badkeys command-line...
CVE-2026-21439
badkeys is a tool and library for checking cryptographic public keys for known vulnerabilities. In versions 0.0.15 and below, an attacker may inject content with ASCII control characters like vertical tabs, ANSI escape sequences, etc., that can create misleading output of the badkeys command-line...
badkeys 安全漏洞
badkeys is an open source library of tools from badkeys to check cryptographic public keys for vulnerabilities. A security vulnerability exists in badkeys version 0.0.15 and earlier, which stems from the fact that an attacker can inject content containing ASCII control characters, potentially...
CVE-2026-21439 badkeys vulnerable to ASCII control character injection on console via malformed input
badkeys is a tool and library for checking cryptographic public keys for known vulnerabilities. In versions 0.0.15 and below, an attacker may inject content with ASCII control characters like vertical tabs, ANSI escape sequences, etc., that can create misleading output of the badkeys command-line...
CVE-2026-21439 badkeys vulnerable to ASCII control character injection on console via malformed input
badkeys is a tool and library for checking cryptographic public keys for known vulnerabilities. In versions 0.0.15 and below, an attacker may inject content with ASCII control characters like vertical tabs, ANSI escape sequences, etc., that can create misleading output of the badkeys command-line...
CVE-2026-21439
CVE-2026-21439 affects the badkeys tool/library, where versions ≤0.0.15 allow ASCII control characters (e.g., vertical tabs, ANSI escape sequences) to inject misleading output in DKIM scanning (--dkim/--dkim-dns), SSH lines (--ssh-lines), and related filenames. The issue is fixed in version 0.0.1...
CVE-2026-21439 badkeys vulnerable to ASCII control character injection on console via malformed input
badkeys is a tool and library for checking cryptographic public keys for known vulnerabilities. In versions 0.0.15 and below, an attacker may inject content with ASCII control characters like vertical tabs, ANSI escape sequences, etc., that can create misleading output of the badkeys command-line...
badkeys vulnerable to ASCII control character injection on console via malformed input
Impact An attacker may inject content with ASCII control characters like vertical tabs, ANSI escape sequences, etc., that can create misleading output of the badkeys command-line tool. This impacts scanning DKIM keys both --dkim and --dkim-dns, SSH keys --ssh-lines mode, and filenames in various...
GHSA-WJPC-4F29-83H3 badkeys vulnerable to ASCII control character injection on console via malformed input
Impact An attacker may inject content with ASCII control characters like vertical tabs, ANSI escape sequences, etc., that can create misleading output of the badkeys command-line tool. This impacts scanning DKIM keys both --dkim and --dkim-dns, SSH keys --ssh-lines mode, and filenames in various...
EUVD-2026-0823
badkeys vulnerable to ASCII control character injection on console via malformed input...
Improper Neutralization
Overview badkeys is a Check cryptographic keys for known weaknesses Affected versions of this package are vulnerable to Improper Neutralization of ASCII control characters in the badkeys command-line tool. An attacker can manipulate console output to display misleading or deceptive information by...
PT-2026-1358
Name of the Vulnerable Software and Affected Versions badkeys versions 0.0.15 and below Description badkeys is a tool and library used for checking cryptographic public keys for known issues. In versions 0.0.15 and below, an attacker can inject content containing ASCII control characters, such as...