31 matches found
EUVD-2020-0290
Malware in sbrugna...
EUVD-2022-0042
Malicious code in bioql PyPI...
EUVD-2022-4566
Malicious code in bioql PyPI...
SUSE CVE-2019-10800
This affects the package codecov before 2.0.16. The vulnerability occurs due to not sanitizing gcov arguments before being provided to the popen method...
GSD-2022-1007552 x86/unwind/orc: Fix unreliable stack dump with gcov
x86/unwind/orc: Fix unreliable stack dump with gcov This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.298 by commit...
GSD-2022-1007463 x86/unwind/orc: Fix unreliable stack dump with gcov
x86/unwind/orc: Fix unreliable stack dump with gcov This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.264 by commit...
GSD-2022-1007346 x86/unwind/orc: Fix unreliable stack dump with gcov
x86/unwind/orc: Fix unreliable stack dump with gcov This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.223 by commit...
GSD-2022-1006949 x86/unwind/orc: Fix unreliable stack dump with gcov
x86/unwind/orc: Fix unreliable stack dump with gcov This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.77 by commit...
GSD-2022-1006632 x86/unwind/orc: Fix unreliable stack dump with gcov
x86/unwind/orc: Fix unreliable stack dump with gcov This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.7 by commit...
PT-2022-35433 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.153 Description: The issue is related to an unreliable stack dump with gcov in the x86/unwind/orc component. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...
PT-2022-35807 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 4.14.181 through 4.14.297 Description: The issue is related to an unreliable stack dump with gcov in the x86/unwind/orc component. The actual impact and attack plausibility have not yet been proven. Recommendations: For...
PT-2022-35601 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 5.4.41 through 5.4.222 Description: The issue is related to an unreliable stack dump with gcov in the x86/unwind/orc component. The actual impact and attack plausibility have not yet been proven. Recommendations: For Lin...
GHSA-H3QR-FJHM-JPHW Codecov does not sanitize gcov arguments
This affects the package codecov before 2.0.16. The vulnerability occurs due to not sanitizing gcov arguments before being provided to the popen method...
Codecov does not sanitize gcov arguments
This affects the package codecov before 2.0.16. The vulnerability occurs due to not sanitizing gcov arguments before being provided to the popen method...
CVE-2019-10800
This affects the package codecov before 2.0.16. The vulnerability occurs due to not sanitizing gcov arguments before being provided to the popen method...
CVE-2019-10800
This affects the package codecov before 2.0.16. The vulnerability occurs due to not sanitizing gcov arguments before being provided to the popen method...
PYSEC-2022-238
This affects the package codecov before 2.0.16. The vulnerability occurs due to not sanitizing gcov arguments before being provided to the popen method...
PYSEC-2022-238
This affects the package codecov before 2.0.16. The vulnerability occurs due to not sanitizing gcov arguments before being provided to the popen method...
Security feature bypass
This affects the package codecov before 2.0.16. The vulnerability occurs due to not sanitizing gcov arguments before being provided to the popen method...
PT-2022-8076 · Codecov +1 · Codecov +1
Name of the Vulnerable Software and Affected Versions: codecov versions prior to 2.0.16 Description: The issue arises from the failure to sanitize gcov arguments before they are provided to the popen method. This lack of sanitization can lead to potential exploitation. Recommendations: For versio...