21 matches found
CVE-2021-41088
Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend started by elvish -web hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a...
EUVD-2021-2056
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-41088
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend started by elvish -web...
GO-2022-0937 Elvish vulnerable to remote code execution via the web UI backend in github.com/elves/elvish
Elvish vulnerable to remote code execution via the web UI backend in github.com/elves/elvish...
Fedora: Security Advisory for golang-github-elves-elvish (FEDORA-2022-3e1ade35db)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 35 Update: golang-github-elves-elvish-0.15.0-4.fc35
Friendly Interactive Shell and Expressive Programming Language...
Fedora: Security Advisory for golang-github-elves-elvish (FEDORA-2022-ba365d3703)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 36 Update: golang-github-elves-elvish-0.15.0-4.fc36
Friendly Interactive Shell and Expressive Programming Language...
Elvish vulnerable to remote code execution via the web UI backend
Impact Elvish's backend for the experimental web UI started by elvish -web hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a result, if the user has the web UI backend open and visits a compromised or malicious...
GHSA-FPV6-F8JW-RC3R Elvish vulnerable to remote code execution via the web UI backend
Impact Elvish's backend for the experimental web UI started by elvish -web hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a result, if the user has the web UI backend open and visits a compromised or malicious...
DEBIAN-CVE-2021-41088
Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend started by elvish -web hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a...
CVE-2021-41088
Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend started by elvish -web hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a...
CVE-2021-41088
Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend started by elvish -web hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a...
CVE-2021-41088
Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend started by elvish -web hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a...
UBUNTU-CVE-2021-41088
Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend started by elvish -web hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a...
Open redirect
Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend started by elvish -web hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a...
CVE-2021-41088
Elvish (the language/shell) vulnerability CVE-2021-41088 affects versions prior to 0.14.0 where the web UI backend (elvish -web) accepts code from the web UI without proper origin validation. If a user has the web UI backend open and visits a malicious site, that site can send arbitrary code to t...
CVE-2021-41088 Remote code execution via the web UI backend of Elvish
Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend started by elvish -web hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a...
CVE-2021-41088
Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend started by elvish -web hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a...
PT-2021-23080 · Elvish · Elvish
Name of the Vulnerable Software and Affected Versions: Elvish versions prior to 0.14.0 Description: Elvish is a programming language and interactive shell. The web UI backend, started by elvish -web, hosts an endpoint that allows executing code sent from the web UI. However, the backend does not...