Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.40 views

RHEL 8 : gcc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Developer environment: Homoglyph characters can lead to trojan source attack CVE-2021-42694 - The...

8.3CVSS8.1AI score0.0669EPSS
Exploits7References8
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.35 views

RHEL 8 : developer_environment (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Developer environment: Homoglyph characters can lead to trojan source attack CVE-2021-42694 - An issue wa...

8.8AI score0.12205EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.28 views

RHEL 7 : developer_environment (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Developer environment: Homoglyph characters can lead to trojan source attack CVE-2021-42694 - An issue wa...

8.8AI score0.12205EPSS
Exploits5References2
Cvelist
Cvelist
added 2021/11/01 12:0 a.m.39 views

CVE-2021-42694

An issue was discovered in the character definitions of the Unicode Specification through 14.0. The specification allows an adversary to produce source code identifiers such as function names using homoglyphs that render visually identical to a target identifier. Adversaries can leverage this to...

8.3AI score0.04485EPSS
Exploits1References10
CVE
CVE
added 2021/11/01 12:0 a.m.181 views

CVE-2021-42694

CVE-2021-42694 concerns homoglyph-based Trojan Source in Unicode handling up to at least Unicode 14.0. Attackers can craft source code identifiers that render visually identical to legitimate names, enabling injection or concealment of code in upstream/downstream dependencies. The connected docum...

8.3CVSS8AI score0.04485EPSS
Exploits1References10Affected Software1
Rows per page
Query Builder