
19 matches found

RedhatCVE
added 2025/05/23 3:4 a.m. · 1 views

CVE-2023-30844

Mutagen provides real-time file synchronization and flexible network forwarding for developers. Prior to versions 0.16.6 and 0.17.1 in mutagen and prior to version 0.17.1 in mutagen-compose, Mutagen list and monitor commands are susceptible to control characters that could be provided by remote...

8.8 CVSS · 7.7 AI score · 0.00689 EPSS
Exploits 0 · References 1
OSV
added 2024/08/20 8:29 p.m. · 9 views

GO-2023-1764 Mutagen list and monitor operations do not neutralize control characters in text controlled by remote endpoints in github.com/mutagen-io/mutagen

Mutagen list and monitor operations do not neutralize control characters in text controlled by remote endpoints in github.com/mutagen-io/mutagen...

8.8 CVSS · 6 AI score · 0.00689 EPSS
Exploits 0 · References 4
OSV
added 2024/08/20 8:29 p.m. · 5 views

GO-2023-1758 Under-validated ComSpec and cmd.exe resolution in Mutagen projects in github.com/mutagen-io/mutagen

Under-validated ComSpec and cmd.exe resolution in Mutagen projects in github.com/mutagen-io/mutagen...

7.1 AI score
Exploits 0 · References 1
NVD
added 2023/05/08 6:15 p.m. · 11 views

CVE-2023-30844

Mutagen provides real-time file synchronization and flexible network forwarding for developers. Prior to versions 0.16.6 and 0.17.1 in mutagen and prior to version 0.17.1 in mutagen-compose, Mutagen list and monitor commands are susceptible to control characters that could be provided by remote...

8.8 CVSS · 5.5 AI score · 0.00689 EPSS
Exploits 0 · References 3
Prion
added 2023/05/08 6:15 p.m. · 13 views

Design/Logic Flaw

Mutagen provides real-time file synchronization and flexible network forwarding for developers. Prior to versions 0.16.6 and 0.17.1 in mutagen and prior to version 0.17.1 in mutagen-compose, Mutagen list and monitor commands are susceptible to control characters that could be provided by remote...

6.5 CVSS · 8.9 AI score · 0.00689 EPSS
Exploits 0 · References 3 · Affected Software 2
Vulnrichment
added 2023/05/08 5:54 p.m. · 5 views

CVE-2023-30844 Mutagen list and monitor operations do not neutralize control characters in text controlled by remote endpoints

Mutagen provides real-time file synchronization and flexible network forwarding for developers. Prior to versions 0.16.6 and 0.17.1 in mutagen and prior to version 0.17.1 in mutagen-compose, Mutagen list and monitor commands are susceptible to control characters that could be provided by remote...

3 CVSS · 9 AI score · 0.00689 EPSS
Exploits 0 · References 3
CVE
added 2023/05/08 5:54 p.m. · 55 views

CVE-2023-30844

Mutagen (mutagen and mutagen-compose) before versions 0.16.6/0.17.1 are vulnerable: list and monitor commands can accept control characters from remote endpoints, risking terminal corruption and potential exploitation when syncing with untrusted endpoints or paths. The issue is caused by unneutra...

8.8 CVSS · 6.5 AI score · 0.00689 EPSS
Exploits 0 · References 3 · Affected Software 2
Cvelist
added 2023/05/08 5:54 p.m. · 13 views

CVE-2023-30844 Mutagen list and monitor operations do not neutralize control characters in text controlled by remote endpoints

Mutagen provides real-time file synchronization and flexible network forwarding for developers. Prior to versions 0.16.6 and 0.17.1 in mutagen and prior to version 0.17.1 in mutagen-compose, Mutagen list and monitor commands are susceptible to control characters that could be provided by remote...

3 CVSS · 9.2 AI score · 0.00689 EPSS
Exploits 0 · References 3
OSV
added 2023/05/08 5:54 p.m. · 13 views

CVE-2023-30844 Mutagen list and monitor operations do not neutralize control characters in text controlled by remote endpoints

Mutagen provides real-time file synchronization and flexible network forwarding for developers. Prior to versions 0.16.6 and 0.17.1 in mutagen and prior to version 0.17.1 in mutagen-compose, Mutagen list and monitor commands are susceptible to control characters that could be provided by remote...

3 CVSS · 9 AI score · 0.00689 EPSS
Exploits 0 · References 5
CNNVD
added 2023/05/08 12:0 a.m. · 1 views

Mutagen Security Vulnerability

Mutagen is a new remote development tool that enables your existing local tools to work with code in remote environments such as cloud servers and containers. A security vulnerability exists in Mutagen versions prior to 0.16.6, 0.17.1, and mutagen-compose prior to 0.17.1, which stems from the...

8.8 CVSS · 8.1 AI score · 0.00689 EPSS
Exploits 0 · References 5
OSV
added 2023/05/05 2:25 a.m. · 21 views

GHSA-JMP2-WC4P-WFH2 Mutagen list and monitor operations do not neutralize control characters in text controlled by remote endpoints

Impact: Mutagen command line operations, as well as the log output from mutagen daemon run, are susceptible to control characters that could be provided by remote endpoints. This can cause terminal corruption, either intentional or unintentional, if these characters are present in error messages,...

3 CVSS · 6.3 AI score · 0.00689 EPSS
Exploits 0 · References 5
Github Security Blog
added 2023/05/05 2:25 a.m. · 39 views

Mutagen list and monitor operations do not neutralize control characters in text controlled by remote endpoints

Impact: Mutagen command line operations, as well as the log output from mutagen daemon run, are susceptible to control characters that could be provided by remote endpoints. This can cause terminal corruption, either intentional or unintentional, if these characters are present in error messages,...

8.8 CVSS · 6.7 AI score · 0.00689 EPSS
Exploits 0 · References 5 · Affected Software 2
OSV
added 2023/05/05 2:18 a.m. · 14 views

GHSA-FWJ4-72FM-C93G Under-validated ComSpec and cmd.exe resolution in Mutagen projects

Impact: Mutagen projects offer shell-based execution functionality. On Windows, the shell is resolved using the standard %ComSpec% mechanism, with a fallback to a %PATH%-based search for cmd.exe. While this is the standard practice on Windows systems, it presents somewhat risky behavior. Firstly,...

6.8 AI score
Exploits 0 · References 2
Github Security Blog
added 2023/05/05 2:18 a.m. · 12 views

Under-validated ComSpec and cmd.exe resolution in Mutagen projects

Impact: Mutagen projects offer shell-based execution functionality. On Windows, the shell is resolved using the standard %ComSpec% mechanism, with a fallback to a %PATH%-based search for cmd.exe. While this is the standard practice on Windows systems, it presents somewhat risky behavior. Firstly,...

6.8 AI score
Exploits 0 · References 2 · Affected Software 1
Positive Technologies
added 2023/05/05 12:0 a.m. · 1 views

PT-2023-22999 · Mutagen +1 · Mutagen +1

Name of the Vulnerable Software and Affected Versions: Mutagen versions prior to 0.16.6; Mutagen versions prior to 0.17.1; mutagen-compose versions prior to 0.17.1. Description: The issue affects Mutagen's list and monitor commands, making them susceptible to control characters provided by remote...

8.8 CVSS · 9 AI score · 0.00689 EPSS
Exploits 0 · References 10
0day.today
added 2018/10/02 12:0 a.m. · 247 views

Linux Kernel 2.6.x / 3.10.x / 4.14.x (x64) - Mutagen Astronomy Local Privilege Escalation Exploit

Exploit for linux platform in category local exploits / EDB-Note: Systems with less than 32GB of RAM are unlikely to be affected by this issue, due to memory demands during exploitation. EDB Note: poc-exploit.c / / poc-exploit.c for CVE-2018-14634 Copyright C 2018 Qualys, Inc. This program is fre...

0.3 AI score · 0.20572 EPSS
Exploits 6
The Hacker News
added 2018/09/26 12:14 p.m. · 1 views

New Linux Kernel Bug Affects Red Hat, CentOS, and Debian Distributions

Security researchers have published the details and proof-of-concept (PoC) exploits of an integer overflow vulnerability in the Linux kernel that could allow an unprivileged user to gain superuser access to the targeted system. The vulnerability, discovered by cloud-based security and compliance...

7.8 CVSS · 7.6 AI score · 0.20572 EPSS
Exploits 6
The Hacker News
added 2018/09/26 12:14 p.m. · 1553 views

New Linux Kernel Bug Affects Red Hat, CentOS, and Debian Distributions

Security researchers have published the details and proof-of-concept (PoC) exploits of an integer overflow vulnerability in the Linux kernel that could allow an unprivileged user to gain superuser access to the targeted system. The vulnerability, discovered by cloud-based security and compliance...

7.8 CVSS · 0.5 AI score · 0.20572 EPSS
Exploits 6
Exploit DB
added 2018/09/26 12:0 a.m. · 4632 views

Linux Kernel 2.6.x / 3.10.x / 4.14.x (RedHat / Debian / CentOS) (x64) - 'Mutagen Astronomy' Local Privilege Escalation

/ EDB-Note: Systems with less than 32GB of RAM are unlikely to be affected by this issue, due to memory demands during exploitation. EDB Note: poc-exploit.c / / poc-exploit.c for CVE-2018-14634 Copyright C 2018 Qualys, Inc. This program is free software: you can redistribute it and/or modify it...

7.8 CVSS · 7.7 AI score · 0.20572 EPSS
Exploits 6