Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:35 p.m.9 views

CVE-2021-43269

In Code42 app before 8.8.0, eval injection allows an attacker to change a device’s proxy configuration to use a malicious proxy auto-config PAC file, leading to arbitrary code execution. This affects Incydr Basic, Advanced, and Gov F1; CrashPlan Cloud; and CrashPlan for Small Business. Incydr...

8.8CVSS7.9AI score0.01339EPSS
Exploits0
Prion
Prion
added 2022/01/20 2:15 a.m.15 views

Code injection

In Code42 app before 8.8.0, eval injection allows an attacker to change a device’s proxy configuration to use a malicious proxy auto-config PAC file, leading to arbitrary code execution. This affects Incydr Basic, Advanced, and Gov F1; CrashPlan Cloud; and CrashPlan for Small Business. Incydr...

6.5CVSS9AI score0.01339EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/01/20 1:44 a.m.36 views

CVE-2021-43269

In Code42 app before 8.8.0, eval injection allows an attacker to change a device’s proxy configuration to use a malicious proxy auto-config PAC file, leading to arbitrary code execution. This affects Incydr Basic, Advanced, and Gov F1; CrashPlan Cloud; and CrashPlan for Small Business. Incydr...

9.2AI score0.01339EPSS
Exploits0References2
CVE
CVE
added 2022/01/20 1:44 a.m.101 views

CVE-2021-43269

CVE-2021-43269 affects Code42 app prior to 8.8.0. An eval injection could allow an attacker to modify a device’s proxy configuration to point at a malicious PAC file, enabling arbitrary code execution. Affected: Incydr Basic, Advanced, Gov F1; CrashPlan Cloud; CrashPlan for Small Business (Incydr...

8.8CVSS8.9AI score0.01339EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/03/10 4:15 p.m.17 views

Integer overflow

In Scanner::LiteralBuffer::NewCapacity of scanner.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if an attacker can supply a malicious PAC file, with no additional execution privileges needed. User interaction is not needed for...

6.8CVSS8AI score0.00961EPSS
Exploits1References1Affected Software1
Mageia
Mageia
added 2017/03/23 7:19 a.m.43 views

Updated kdelibs4 packages fix security vulnerability

Using a malicious PAC file, and then using exfiltration methods in the PAC function FindProxyForURL enables the attacker to expose full https URLs. This is a security issue since https URLs may contain sensitive information in the URL authentication part user:password@host, and in the path and th...

5.5CVSS0.3AI score0.00828EPSS
Exploits0References2
Rows per page
Query Builder