6 matches found
BELL-CVE-2024-43402 CVE-2024-43402 does not affect BellSoft software
Bulletin has no description...
CVE-2024-43402
creationtimestamp| type| source ---|---|--- 2024-09-04 19:25:39+00:00| seen| https://t.me/cvedetector/4816 2025-07-19 17:45:18+00:00| seen| https://bsky.app/profile/puretech.news/post/3ludjb5mh4y2w 2025-07-20 23:07:32+00:00| seen| https://bsky.app/profile/hacker.at.thenote.app/post/3luglqb4k7k2a...
CVE-2024-43402
Rust is a programming language. The fix for CVE-2024-24576, where std::process::Command incorrectly escaped arguments when invoking batch files on Windows, was incomplete. Prior to Rust version 1.81.0, it was possible to bypass the fix when the batch file name had trailing whitespace or periods...
CVE-2024-43402 Rust OS Command Injection/Argument Injection vulnerability
Rust is a programming language. The fix for CVE-2024-24576, where std::process::Command incorrectly escaped arguments when invoking batch files on Windows, was incomplete. Prior to Rust version 1.81.0, it was possible to bypass the fix when the batch file name had trailing whitespace or periods...
CVE-2024-43402
CVE-2024-43402 describes a Rust vulnerability in how Windows batch file names with trailing spaces or periods could bypass the existing mitigation for CVE-2024-24576. The issue arises from how the original fix checked for .bat/.cmd endings, failing to account for Windows normalizing trailing whit...
CVE-2024-43402 Rust OS Command Injection/Argument Injection vulnerability
Rust is a programming language. The fix for CVE-2024-24576, where std::process::Command incorrectly escaped arguments when invoking batch files on Windows, was incomplete. Prior to Rust version 1.81.0, it was possible to bypass the fix when the batch file name had trailing whitespace or periods...