2 matches found
GHSA-GP2J-MG4W-2RH5 chrome-launcher subject to OS Command Injection
chrome-launcher prior to 0.13.2 is subject to OS Command Injection via the $HOME environment variable in Linux operating systems. This issue is patched in version 0.13.2...
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - 'imwheel' (1)
// source: https://www.securityfocus.com/bid/1060/info A vulnerability exists in the 'imwheel' package for Linux. This package is known to be vulnerable to a buffer overrun in its handling of the HOME environment variable. By supplying a sufficiently long string containing machine executable code...