3 matches found
EUVD-2022-51675
Malicious code in bioql PyPI...
Prototype Pollution
Overview rfc6902 is a Complete implementation of RFC6902 patch and diff Affected versions of this package are vulnerable to Prototype Pollution. It may allow attackers to inject or modify the methods and properties of the global object constructor. PoC // poc.js var rfc6902 = require"rfc6902" var...
FreeBSD : FreeBSD -- shell injection vulnerability in patch(1) (0d090952-600a-11e6-a6c3-14dae9d210b8)
Due to insufficient sanitization of the input patch stream, it is possible for a patch file to cause patch1 to pass certain ed1 scripts to the ed1 editor, which would run commands. Impact : This issue could be exploited to execute arbitrary commands as the user invoking patch1 against a specially...