2626 matches found
[SECURITY] Fedora 36 Update: direnv-2.32.1-3.fc36
direnv augments existing shells with a new feature that can load and unload environment variables depending on the current directory...
PT-2022-21466 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to Security Update 2022-005 Catalina macOS versions prior to 11.6.8 Big Sur macOS versions prior to 12.5 Monterey Description: An issue in the handling of environment variables was addressed with improved validation. This...
CVE-2021-45492
In Sage 300 ERP formerly accpac through 6.8.x, the installer configures the C:\Sage\Sage300\Runtime directory to be the first entry in the system-wide PATH environment variable. However, this directory is writable by unprivileged users because the Sage installer fails to set explicit permissions...
U.S. Dept Of Defense: an internel important paths disclosure [HtUS]
Summary: i found CGI script environment variable disclosure an important paths Steps To Reproduce: 1. visit this link : https://███ 2. look at poc pic you should restrict this quickly Impact this is so dangerous because attacker now know an internal paths and this juicy information as u can see i...
Node.js: Insecure loading of ICU data through ICU_DATA environment variable
Insecure loading of ICU data through the ICUDATA environment variable allowed for potential exploitation, as ICU still honored the variable regardless of privilege level. The impact was likely limited, but it was suggested to build ICU with ICUNOUSERDATAOVERRIDE defined and sanitize the environme...
CVE-2022-32553
CVE-2022-32553 affects Pure Storage FlashArray (Purity//FA) versions 5.2.x and prior up to 6.2.3, and FlashBlade (Purity//FB) up to 3.3.0; vulnerability is privilege escalation via manipulation of environment variables. A logged-in user can escape a restricted shell to an unrestricted shell with ...
GHSA-RVP4-R3G6-8HXQ Insufficiently Protected Credentials via Insecure Temporary File in org.apache.nifi:nifi-single-user-utils
Impact org.apache.nifi.authentication.single.user.writer.StandardLoginCredentialsWriter contains a local information disclosure vulnerability due to writing credentials username and password to a file that is readable by all other users on unix-like systems. On unix-like systems, the system's...
Insufficiently Protected Credentials via Insecure Temporary File in org.apache.nifi:nifi-single-user-utils
Impact org.apache.nifi.authentication.single.user.writer.StandardLoginCredentialsWriter contains a local information disclosure vulnerability due to writing credentials username and password to a file that is readable by all other users on unix-like systems. On unix-like systems, the system's...
Potential segfault in `localtime_r` invocations
Impact Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library...
GHSA-CQPR-PCM7-M3JC Potential segfault in `localtime_r` invocations
Impact Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library...
GHSA-GP95-PPV5-3JC5 sharp vulnerable to Command Injection in post-installation over build environment
There's a possible vulnerability in logic that is run only at npm install time when installing versions of sharp prior to the latest v0.30.5. This is not part of any runtime code, does not affect Windows users at all, and is unlikely to affect anyone that already cares about the security of their...
Arbitrary Command Injection
sharp is vulnerable to arbitrary command injection. An attacker is able to set the value of the PKGCONFIGPATH environment variable in a build environment which allows arbitrary command injection at npm install time...
GHSA-4G82-3JCR-Q52W Malware in ctx
The ctx hosted project on PyPI was taken over via user account compromise and replaced with a malicious project which contained runtime code that collected the content of os.environ.items when instantiating Ctx objects. The captured environment variables were sent as a base64 encoded query...
CVE-2022-29256
CVE-2022-29256 affects sharp (Node.js image processing) versions prior to 0.30.5. If an attacker can control PKG_CONFIG_PATH in the build environment, they may inject arbitrary commands at npm install time (not a runtime issue; Windows builds are not affected). The issue is fixed in sharp v0.30.5...
sharp 操作系统命令注入漏洞
sharp is a program by the individual developers at lovell for converting large images in common formats into smaller, web-friendly JPEG, PNG, WebP, GIF and AVIF images of different sizes. An operating system command injection vulnerability exists in versions prior to sharp 0.30.5. An attacker can...
chrome-launcher subject to OS Command Injection
chrome-launcher prior to 0.13.2 is subject to OS Command Injection via the $HOME environment variable in Linux operating systems. This issue is patched in version 0.13.2...
GHSA-GP2J-MG4W-2RH5 chrome-launcher subject to OS Command Injection
chrome-launcher prior to 0.13.2 is subject to OS Command Injection via the $HOME environment variable in Linux operating systems. This issue is patched in version 0.13.2...
Jenkins JX Resources Plugin missing permission check
Jenkins jx-resources Plugin did not perform permission checks on a method implementing form validation. This allowed users with Overall/Read access to Jenkins to connect to an attacker-specified Kubernetes server and obtain information about an attacker-specified namespace. Doing so might also le...
GHSA-QWW5-P626-RFPF Jenkins JX Resources Plugin cross-site request forgery vulnerability
Jenkins jx-resources Plugin did not perform permission checks on a method implementing form validation. This allowed users with Overall/Read access to Jenkins to connect to an attacker-specified Kubernetes server and obtain information about an attacker-specified namespace. Doing so might also le...
GHSA-V646-RX6W-R3QQ Improper Access Control in Apache Tomcat
Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect an...