EUVD-2022-6785

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-39243

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NuProcess is an external process execution implementation for Java. In all the versions of NuProcess where it forks processes by using the JVM's...

ch.epfl.scala:bloop-config_2.12 (=1.0.0-M10), ch.epfl.scala:bloop-frontend_2.12 (>=0.0.0-1-6a1d3dcc <=ccbc95eb) +51 more potentially affected by CVE-2022-39243 via com.zaxxer:nuprocess (>=1.2.0 <=2.0.4)

com.zaxxer:nuprocess MAVEN version =1.2.0, =0.0.0-1-6a1d3dcc, =1.3.3, =1.2.0, =0.0.0-1-6a1d3dcc, =0.9.13, =0.9.13, =0.9.13, =0.9.13, =0.9.13, =0.9.13, =0.1.0-BETA, =1.2.2, =1.3.0 and more Source cves: CVE-2022-39243 Source advisory: OSV:GHSA-CXGF-V2P8-7PH7...

GHSA-CXGF-V2P8-7PH7 NuProcess vulnerable to command-line injection through insertion of NUL character(s)

Impact In all the versions of NuProcess where it forks processes by using the JVM's JavajavalangUNIXProcessforkAndExec method 1.2.0+, attackers can use NUL characters in their strings to perform command line injection. Java's ProcessBuilder isn't vulnerable because of a check in...

NuProcess vulnerable to command-line injection through insertion of NUL character(s)

Impact In all the versions of NuProcess where it forks processes by using the JVM's JavajavalangUNIXProcessforkAndExec method 1.2.0+, attackers can use NUL characters in their strings to perform command line injection. Java's ProcessBuilder isn't vulnerable because of a check in...

NuProcess Command Injection Vulnerability

NuProcess is a low-overhead, non-blocking I/O, external process implementation of Java from Brett Wooldridge's personal developer. NuProcess 1.2.0 and later, and versions prior to 2.0.5, are vulnerable to command injection, which stems from the failure of a network system or product to properly...

Command Injection

Nuprocess is vulnerable to command injection. The vulnerability exists because NuProcess is missing a check in run and start functions of NuProcessBuilder.java which enables the attackers to use NULL characters in their strings to perform a command line injection...

CVE-2022-39243

NuProcess is an external process execution implementation for Java. In all the versions of NuProcess where it forks processes by using the JVM's JavajavalangUNIXProcessforkAndExec method 1.2.0+, attackers can use NUL characters in their strings to perform command line injection. Java's...

Design/Logic Flaw

NuProcess is an external process execution implementation for Java. In all the versions of NuProcess where it forks processes by using the JVM's JavajavalangUNIXProcessforkAndExec method 1.2.0+, attackers can use NUL characters in their strings to perform command line injection. Java's...

UBUNTU-CVE-2022-39243

NuProcess is an external process execution implementation for Java. In all the versions of NuProcess where it forks processes by using the JVM's JavajavalangUNIXProcessforkAndExec method 1.2.0+, attackers can use NUL characters in their strings to perform command line injection. Java's...

CVE-2022-39243 NuProcess vulnerable to command-line injection through insertion of NUL character(s)

NuProcess is an external process execution implementation for Java. In all the versions of NuProcess where it forks processes by using the JVM's JavajavalangUNIXProcessforkAndExec method 1.2.0+, attackers can use NUL characters in their strings to perform command line injection. Java's...

CVE-2022-39243 NuProcess vulnerable to command-line injection through insertion of NUL character(s)

NuProcess is an external process execution implementation for Java. In all the versions of NuProcess where it forks processes by using the JVM's JavajavalangUNIXProcessforkAndExec method 1.2.0+, attackers can use NUL characters in their strings to perform command line injection. Java's...

CVE-2022-39243 NuProcess vulnerable to command-line injection through insertion of NUL character(s)

NuProcess is an external process execution implementation for Java. In all the versions of NuProcess where it forks processes by using the JVM's JavajavalangUNIXProcessforkAndExec method 1.2.0+, attackers can use NUL characters in their strings to perform command line injection. Java's...

CVE-2022-39243

NuProcess 1.2.0+ libraries that fork via the JVM UNIXProcess_forkAndExec are vulnerable to command line injection when attackers supply NUL characters, exploitable on Linux. The root cause is that NuProcess lacks the check present in Java’s ProcessBuilder.start to sanitize NULs, allowing injected...

NuProcess 安全漏洞

NuProcess is a low-overhead, non-blocking I/O, external process implementation of Java from Brett Wooldridge's personal developer. NuProcess 1.2.0 and later, and versions prior to 2.0.5, are vulnerable to command injection, which stems from the failure of a network system or product to properly...

CVE-2022-39243

NuProcess is an external process execution implementation for Java. In all the versions of NuProcess where it forks processes by using the JVM's JavajavalangUNIXProcessforkAndExec method 1.2.0+, attackers can use NUL characters in their strings to perform command line injection. Java's...

PT-2022-24837 · Nuprocess · Nuprocess

Name of the Vulnerable Software and Affected Versions: NuProcess versions 1.2.0 through 2.0.4 Description: NuProcess is an external process execution implementation for Java that is vulnerable to command line injection attacks. Attackers can use NUL characters in their strings to inject command...