Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 7:39 p.m.10 views

CVE-2022-39243

NuProcess is an external process execution implementation for Java. In all the versions of NuProcess where it forks processes by using the JVM's JavajavalangUNIXProcessforkAndExec method 1.2.0+, attackers can use NUL characters in their strings to perform command line injection. Java's...

9.8CVSS7.1AI score0.01177EPSS
Exploits1References1
OSV
OSV
added 2022/09/26 1:25 p.m.39 views

CVE-2022-39243 NuProcess vulnerable to command-line injection through insertion of NUL character(s)

NuProcess is an external process execution implementation for Java. In all the versions of NuProcess where it forks processes by using the JVM's JavajavalangUNIXProcessforkAndExec method 1.2.0+, attackers can use NUL characters in their strings to perform command line injection. Java's...

8.4CVSS9.5AI score0.01177EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2022/09/26 1:25 p.m.6 views

CVE-2022-39243 NuProcess vulnerable to command-line injection through insertion of NUL character(s)

NuProcess is an external process execution implementation for Java. In all the versions of NuProcess where it forks processes by using the JVM's JavajavalangUNIXProcessforkAndExec method 1.2.0+, attackers can use NUL characters in their strings to perform command line injection. Java's...

8.4CVSS9.9AI score0.01177EPSS
Exploits1References3
CVE
CVE
added 2022/09/26 1:25 p.m.77 views

CVE-2022-39243

NuProcess 1.2.0+ libraries that fork via the JVM UNIXProcess_forkAndExec are vulnerable to command line injection when attackers supply NUL characters, exploitable on Linux. The root cause is that NuProcess lacks the check present in Java’s ProcessBuilder.start to sanitize NULs, allowing injected...

9.8CVSS9.4AI score0.01177EPSS
Exploits1References3Affected Software1
UbuntuCve
UbuntuCve
added 2022/09/26 12:0 a.m.42 views

CVE-2022-39243

NuProcess is an external process execution implementation for Java. In all the versions of NuProcess where it forks processes by using the JVM's JavajavalangUNIXProcessforkAndExec method 1.2.0+, attackers can use NUL characters in their strings to perform command line injection. Java's...

9.8CVSS7.4AI score0.01177EPSS
Exploits1References4
Rows per page
Query Builder