58 matches found
Oracle Linux 8 : gcc-toolset-10-gcc (ELSA-2021-4585)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-4585 advisory. 10.3.1-1.2.0.1 - Fix Orabug 32423691- gcc10 SEGV for every test in sregress: ORA-7445ksmplruaddbatchksm same bug as PR tree-optimization/100053:...
Oracle Linux 8 : rust-toolset:ol8 (ELSA-2021-4590)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-4590 advisory. rust 1.54.0-3 - Lint against Unicode control codepoints. rust-toolset 1.54.0-1 - Update to Rust and Cargo 1.54.0. 1.53.0-1 - Update to Rust and Cargo 1.53.0...
Oracle Linux 8 : gcc-toolset-11-gcc (ELSA-2021-4586)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-4586 advisory. 11.2.1-1.2.0.1 - Add -ftrivial-auto-var-init support from GCC12 Reviewed-by: Jose E. Marchesi - Add CTF/BTF support Reviewed-by: Qing Zhao 11.2.1-1.2 - add...
Oracle Linux 8 : gcc-toolset-11-binutils (ELSA-2021-4594)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-4594 advisory. 2.36.1-1.0.1.1 - Forward port Oracle patches from 2.36.1-1.0.1 - Reviewed-by: Jose E. Marchesi 2.36.1-1.1 - Add ability to control the display of unicode...
Oracle Linux 8 : gcc-toolset-10-binutils (ELSA-2021-4649)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-4649 advisory. 2.35-8.6 - Add ability to control the display of unicode characters. 2009176 Tenable has extracted the preceding description block directly from the Oracle Linu...
Oracle Linux 8 : gcc-toolset-11-annobin (ELSA-2021-4591)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-4591 advisory. 9.85-1.1 - Annocheck: Add test for multibyte characters in symbol names. 2017367 Tenable has extracted the preceding description block directly from the Oracle...
Oracle Linux 8 : binutils (ELSA-2021-4595)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-4595 advisory. 2.30-108.0.2.1 - Forward-port Oracle patches from 2.30-108.0.2 to 2.30-108.0.2.1 - Reviewed-by: Jose E. Marchesi 2.30-108.0.2 - Forward-port the following updat...
Oracle Linux 8 : annobin (ELSA-2021-4593)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-4593 advisory. 9.72-1.2 - Bump NVR and rebuild to use the new gcc. 2017362 9.72-1.1 - Annocheck: Add test for multibyte characters in symbol names. 2017362 9.72-1 - Rebase to...
Oracle Linux 7 : binutils (ELSA-2021-4033)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-4033 advisory. 2.27-44.base.0.3.1 - Forward-port patches to 2.27-44.base.1 - Reviewed-by: Jose E. Marchesi 2.27-44.base.0.2.1 - Forward-port patches to 2.27-44.base.1 -...
CVE-2021-42694
An issue was discovered in the character definitions of the Unicode Specification through 14.0. The specification allows an adversary to produce source code identifiers such as function names using homoglyphs that render visually identical to a target identifier. Adversaries can leverage this to...
CVE-2021-42574
An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and...
Design/Logic Flaw
DISPUTED An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by...
CVE-2021-42694
An issue was discovered in the character definitions of the Unicode Specification through 14.0. The specification allows an adversary to produce source code identifiers such as function names using homoglyphs that render visually identical to a target identifier. Adversaries can leverage this to...
CVE-2021-42694
CVE-2021-42694 concerns homoglyph-based Trojan Source in Unicode handling up to at least Unicode 14.0. Attackers can craft source code identifiers that render visually identical to legitimate names, enabling injection or concealment of code in upstream/downstream dependencies. The connected docum...
CVE-2021-42694
An issue was discovered in the character definitions of the Unicode Specification through 14.0. The specification allows an adversary to produce source code identifiers such as function names using homoglyphs that render visually identical to a target identifier. Adversaries can leverage this to...
PT-2021-4640 · Unknown · Unicode Specification
Name of the Vulnerable Software and Affected Versions: Unicode Specification versions through 14.0 Description: An issue was discovered in the character definitions of the Unicode Specification. The specification allows an adversary to produce source code identifiers, such as function names, usin...
PT-2021-4639
Name of the Vulnerable Software and Affected Versions Unicode Specification versions prior to 14.0 Jira Service Management affected versions not specified Jira Software affected versions not specified Jira Work Management affected versions not specified Description The issue is related to the...
CVE-2021-42574
An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and...