Astra Linux - уязвимость в openssl

In addition to the crehash shell command injection identified in CVE-2022-1292, further instances where the crehash script fails to properly sanitize shell metacharacters to prevent command injection were discovered during code reviews. When CVE-2022-1292 was fixed, it wasn’t recognized that ther...

JLSEC-2026-228 The c_rehash script does not properly sanitise shell metacharacters to prevent command injection....

The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the...

Linux Distros Unpatched Vulnerability : CVE-2022-2068

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script does not properly sanitise shell...

Linux Distros Unpatched Vulnerability : CVE-2022-1292

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manne...

Siemens SIMATIC and RUGGEDCOM Devices Linux Kernel Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CVE-2022-2068)

In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there...

SUSE CVE-2022-2068

In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there...

OESA-2022-1951 linux-sgx security update

IntelR Software Guard Extensions IntelR SGX is an Intel technology for application developers seeking to protect select code and data from disclosure or modification. Security Fixes: The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is...

FreeBSD : OpenSSL -- Command injection vulnerability (4eeb93bf-f204-11ec-8fbd-d4c9ef517024)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 4eeb93bf-f204-11ec-8fbd-d4c9ef517024 advisory. - In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances...

DEBIAN-CVE-2022-2068

In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there...

UBUNTU-CVE-2022-2068

In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : OpenSSL vulnerability (USN-5488-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5488-1 advisory. Chancen and Daniel Fiala discovered that OpenSSL incorrectly handled the crehash script. A local attacker could possibly use this issue to...

DEBIAN-CVE-2022-1292

The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the...

UBUNTU-CVE-2022-1292

The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the...