15 matches found
Symfony has an Argument Injection in SendmailTransport via Dash-Prefixed Recipient Address
Description: Symfony Mailer selects a transport via the MAILER_DSN environment variable / configuration (e.g. smtp://..., sendmail://..., native://default). SendmailTransport invokes the local sendmail binary and supports two modes: -bs (speak SMTP over stdin, the default) and -t (read the message on...
GHSA-XX3C-QF5G-HC39 Symfony has an Argument Injection in SendmailTransport via Dash-Prefixed Recipient Address
Description: Symfony Mailer selects a transport via the MAILER_DSN environment variable / configuration (e.g. smtp://..., sendmail://..., native://default). SendmailTransport invokes the local sendmail binary and supports two modes: -bs (speak SMTP over stdin, the default) and -t (read the message on...
CLSA-2026-1777040144 subversion: Fix of CVE-2017-9800
CVE-2017-9800: fix arbitrary code execution via crafted svn+ssh:// URLs by validating the decoded hostinfo and adding an end-of-options guard to the default svn+ssh and example rsh tunnel commands...
Gogs: Release tag option injection in release deletion
Summary: There is a security issue in Gogs where deleting a release can fail if a user-controlled tag name is passed to Git without the right separator, allowing Git option injection and therefore interfering with the process. Affected Component - internal/database/release.go process.ExecDir...,...
GHSA-V9VM-R24H-6RQM Gogs: Release tag option injection in release deletion
Summary: There is a security issue in Gogs where deleting a release can fail if a user-controlled tag name is passed to Git without the right separator, allowing Git option injection and therefore interfering with the process. Affected Component - internal/database/release.go process.ExecDir...,...
Linux Distros Unpatched Vulnerability : CVE-2020-17367
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection. CVE-2020-17367 Note that...
PT-2023-20521 · Blamer · Blamer
Name of the Vulnerable Software and Affected Versions: blamer versions prior to 1.0.4 Description: The issue is related to Arbitrary Argument Injection via the blameByFile API. The library does not sanitize for user input or validate the given file path, nor does it properly pass command-line fla...
SUSE CVE-2020-17367
Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection...
OPENSUSE-SU-2020:1208-1 Security update for firejail
This update for firejail fixes the following issues: - CVE-2020-17367: The end-of-options separator -- was not handled correctly (boo#1174986). - CVE-2020-17368: An attacker who has control over the command line arguments could run arbitrary commands (boo#1174986)...
CVE-2020-17367
Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection...
DEBIAN-CVE-2020-17367
Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection...
UBUNTU-CVE-2020-17367
Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection...
Command injection
Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection...
Debian DSA-4742-1 : firejail - security update
Tim Starling discovered two vulnerabilities in firejail, a sandbox program to restrict the running environment of untrusted applications. - CVE-2020-17367 It was reported that firejail does not respect the end-of-options separator '--', allowing an attacker with control over the command line...
Security update for git (moderate)
openSUSE Security Update: Security update for git Announcement ID: openSUSE-SU-2020:0598-1 Rating: moderate References: 1063412 1095218 1095219 1110949 1112230 1114225 1132350 1149792 1156651 1158785 1158787 1158788 1158789 1158790 1158791 1158792 1158793 1158795 1167890 1168930 1169605 1169786...