Linux Distros Unpatched Vulnerability : CVE-2025-24959

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - zx is a tool for writing better scripts. An attacker with control over environment variable values can inject unintended environment variables into process.env...

GHSA-QWP8-X4FF-5H87 ZX Allows Environment Variable Injection for dotenv API

Impact This vulnerability is an Environment Variable Injection issue in dotenv.stringify, affecting google/zx version 8.3.1. An attacker with control over environment variable values can inject unintended environment variables into process.env. This can lead to arbitrary command execution or...

UBUNTU-CVE-2025-24959

zx is a tool for writing better scripts. An attacker with control over environment variable values can inject unintended environment variables into process.env. This can lead to arbitrary command execution or unexpected behavior in applications that rely on environment variables for...

PT-2025-5603 · Zx +1 · Zx +1

Name of the Vulnerable Software and Affected Versions: zx versions prior to 8.3.2 Description: An attacker with control over environment variable values can inject unintended environment variables into process.env. This can lead to arbitrary command execution or unexpected behavior in application...