526 matches found
CVE-2022-28391
An escape sequence injection attack was found in BusyBox on Alpine. For this issue to occur, a remote host's virtual terminal must contain an escape sequence, and the victim must then execute netstat. This flaw allows an attacker to inject arbitrary code, leading to a loss of integrity...
CVE-2021-25743
kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events...
ALSA-2021:4649 Moderate: gcc-toolset-10-binutils security update
The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fixes: Developer environment:...
Moderate: Red Hat Security Advisory: rust-toolset:rhel8 security update
An update for the rust-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
rust-toolset:rhel8 security update
An update is available for rust-toolset, rust. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Rust Toolset provides the Rust programming language compiler rustc...
Moderate: rust-toolset:rhel8 security update
Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries. Security Fixes: Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks (CVE-2021-42574). The following changes wer...
Improper Input Validation
Overview: webrick is an HTTP server toolkit that can be configured as an HTTPS server, a proxy server, and a virtual-host server. Affected versions of this package are vulnerable to Improper Input Validation. WEBrick lets attackers inject malicious escape sequences into its logs, making it possibl...
DEBIAN-CVE-2021-33477
rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow potentially remote code execution because of improper handling of certain escape sequences ESC G Q. A response is terminated by a newline...
CVE-2021-33477
rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow potentially remote code execution because of improper handling of certain escape sequences ESC G Q. A response is terminated by a newline...
rxvt 2.7.0 / rxvt-unicode 9.22 Code Execution Exploit
rxvt version 2.7.0 and rxvt-unicode version 9.22 incorrectly handle ANSI escape sequences, allowing for arbitrary code execution. #!/usr/bin/env python Title: rxvt remote code execution over scp with $SHELL=/bin/bash 0day Version: rxvt 2.7.10, rxvt-unicode 9.22 Author: def Date: 2021-05-16 CVE: N/...
DEBIAN-CVE-2020-23915
An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_escape_sequence in peglib.h has a heap-based buffer over-read...
UBUNTU-CVE-2020-23915
An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_escape_sequence in peglib.h has a heap-based buffer over-read...
CVE-2020-23915
An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_escape_sequence in peglib.h has a heap-based buffer over-read...
cpp-peglib Buffer Error Vulnerability
yhirose cpp-peglib is an open source application by yhirose: a header-only PEG (Parsing Expression Grammar) library. A security vulnerability exists in cpp-peglib version v0.1.12 and earlier, which stems from peg::resolve_escape_sequence in peglib.h having a heap-based buffer over-read...
PT-2021-10984 · Unknown +1 · Cpp-Peglib +1
Name of the Vulnerable Software and Affected Versions: cpp-peglib versions prior to 0.1.13. Description: An issue was discovered in the peg::resolve_escape_sequence function, located in peglib.h, which has a heap-based buffer over-read. Recommendations: For versions prior to 0.1.13, update to...
Out-of-bounds Read
A heap-based buffer over-read was discovered in cpp-peglib's peg::resolve_escape_sequence in peglib.h...
MGASA-2020-0440 Updated jruby packages fix security vulnerabilities
Response Splitting attack in the HTTP server of WEBrick (CVE-2017-17742). Delete directory using symlink when decompressing tar (CVE-2019-8320). Escape sequence injection vulnerability in verbose (CVE-2019-8321). Escape sequence injection vulnerability in gem owner (CVE-2019-8322). Escape sequence...
Log injection in uvicorn
This affects all versions of package uvicorn. The request logger provided by the package is vulnerable to ANSI escape sequence injection. Whenever any HTTP request is received, the default behaviour of uvicorn is to log its details to either the console or a log file. When attackers request craft...
CVE-2020-7694
This affects all versions of package uvicorn. The request logger provided by the package is vulnerable to ANSI escape sequence injection. Whenever any HTTP request is received, the default behaviour of uvicorn is to log its details to either the console or a log file. When attackers request craft...