21 matches found
CVE-2021-41088
Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend started by elvish -web hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a...
EUVD-2021-2056
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-41088
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend started by elvish -web...
GO-2022-0937 Elvish vulnerable to remote code execution via the web UI backend in github.com/elves/elvish
Elvish vulnerable to remote code execution via the web UI backend in github.com/elves/elvish...
Fedora: Security Advisory for golang-github-elves-elvish (FEDORA-2022-3e1ade35db)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 35 Update: golang-github-elves-elvish-0.15.0-4.fc35
Friendly Interactive Shell and Expressive Programming Language...
Fedora: Security Advisory for golang-github-elves-elvish (FEDORA-2022-ba365d3703)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 36 Update: golang-github-elves-elvish-0.15.0-4.fc36
Friendly Interactive Shell and Expressive Programming Language...
GHSA-FPV6-F8JW-RC3R Elvish vulnerable to remote code execution via the web UI backend
Impact Elvish's backend for the experimental web UI started by elvish -web hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a result, if the user has the web UI backend open and visits a compromised or malicious...
Elvish vulnerable to remote code execution via the web UI backend
Impact Elvish's backend for the experimental web UI started by elvish -web hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a result, if the user has the web UI backend open and visits a compromised or malicious...
CVE-2021-41088
Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend started by elvish -web hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a...
CVE-2021-41088
Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend started by elvish -web hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a...
DEBIAN-CVE-2021-41088
Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend started by elvish -web hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a...
CVE-2021-41088
Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend started by elvish -web hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a...
Open redirect
Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend started by elvish -web hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a...
UBUNTU-CVE-2021-41088
Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend started by elvish -web hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a...
CVE-2021-41088
Elvish (the language/shell) vulnerability CVE-2021-41088 affects versions prior to 0.14.0 where the web UI backend (elvish -web) accepts code from the web UI without proper origin validation. If a user has the web UI backend open and visits a malicious site, that site can send arbitrary code to t...
CVE-2021-41088 Remote code execution via the web UI backend of Elvish
Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend started by elvish -web hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a...
CVE-2021-41088
Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend started by elvish -web hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a...
Github elvish 访问控制错误漏洞
Github elvish is an expressive programming language and versatile interactive shell combined into one seamless package. A security vulnerability exists in the elvish web UI prior to version 0.14.0 that stems from the backend not properly checking the origin of requests. If a user opens the web UI...