30 matches found
CVE-2026-42284 GitPython: Unsafe option check validates multi_options before shlex.split transforms it
GitPython is a Python library used to interact with Git repositories. Prior to version 3.1.47, clone validates multi_options as the original list, then executes shlex.split(" ".join(multi_options)). A string like "--branch main --config core.hooksPath=/x" passes validation (starts with --branch), but aft...
Remote Code Execution (RCE)
simple-git is vulnerable to Remote Code Execution (RCE). The vulnerability is due to incomplete validation of command options allowing the --config form to bypass restrictions, which allows an attacker to inject malicious options and execute arbitrary code...
GitPython: Unsafe option check validates multi_options before shlex.split transformation
Summary: clone validates multi_options as the original list, then executes shlex.split(" ".join(multi_options)). A string like "--branch main --config core.hooksPath=/x" passes validation (starts with --branch), but after split becomes ["--branch", "main", "--config", "core.hooksPath=/x"]. Git applies the...
Arbitrary Argument Injection
Overview: github.com/hashicorp/go-getter is a package for downloading things from a string URL using a variety of protocols. Affected versions of this package are vulnerable to Arbitrary Argument Injection via the GitGetter function that lacks validation for git options when attempting to check th...
WordPress plugin Gutena Forms security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: comedi: aio_iiro_16: Fix bit shift out of bounds. When checking for a supported IRQ number, the following test is used: if ((1 << it->options[1]) & 0xdcfc). However, it->options[i] is an unchecked int value from userspace, so the shift amount coul...
EUVD-2025-26112
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-38529
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - comedi: aio_iiro_16: Fix bit shift out of bounds. When checking for a supported IRQ number, the following test is used: if ((1 << it->options[1]) & 0xdcfc). However, it->options[i]...
SUSE CVE-2025-38530
In the Linux kernel, the following vulnerability has been resolved: comedi: pcl812: Fix bit shift out of bounds. When checking for a supported IRQ number, the following test is used: if ((1 << it->options[1]) & board->irq_bits). However, it->options[i] is an unchecked int value from userspace, so the shift amount...
DEBIAN-CVE-2025-38530
In the Linux kernel, the following vulnerability has been resolved: comedi: pcl812: Fix bit shift out of bounds. When checking for a supported IRQ number, the following test is used: if ((1 << it->options[1]) & board->irq_bits). However, it->options[i] is an unchecked int value from userspace, so the shift amount...
AZL-66389 CVE-2025-38530 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: comedi: pcl812: Fix bit shift out of bounds. When checking for a supported IRQ number, the following test is used: if ((1 << it->options[1]) & board->irq_bits). However, it->options[i] is an unchecked int value from userspace, so the shift amount...
UBUNTU-CVE-2025-38529
In the Linux kernel, the following vulnerability has been resolved: comedi: aio_iiro_16: Fix bit shift out of bounds. When checking for a supported IRQ number, the following test is used: if ((1 << it->options[1]) & 0xdcfc). However, it->options[i] is an unchecked int value from userspace, so the shift amount could ...
CVE-2025-38530 comedi: pcl812: Fix bit shift out of bounds
In the Linux kernel, the following vulnerability has been resolved: comedi: pcl812: Fix bit shift out of bounds. When checking for a supported IRQ number, the following test is used: if ((1 << it->options[1]) & board->irq_bits). However, it->options[i] is an unchecked int value from userspace, so the shift amount...
CVE-2025-38530
CVE-2025-38530 relates to the Linux kernel’s Comedi pcl812 code. The vulnerability arises from a test that shifts a constant with a user-supplied option: (1 << it->options[1]) & board->irq_bits. Since it->options[1] is unchecked from userspace, the shift amount can be negative or out of bounds...
CVE-2025-38529
CVE-2025-38529 relates to the Linux kernel Comedi driver (aio_iiro_16) where an unchecked userspace-derived value in it->options[1] could cause a shift out of bounds or negative shift; the fix adds a bounds check on it->options[1] before evaluating the (1 << it->options[1]) & 0xdcfc test. Affe...
CVE-2025-6572
The OpenStreetMap for Gutenberg and WPBakery Page Builder (formerly Visual Composer) WordPress plugin through 1.2.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embedded, which could allow users with the contributor role and above...
DEBIAN-CVE-2025-38482
In the Linux kernel, the following vulnerability has been resolved: comedi: das6402: Fix bit shift out of bounds. When checking for a supported IRQ number, the following test is used: /* IRQs 2,3,5,6,7, 10,11,15 are valid for "enhanced" mode */ if ((1 << it->options[1]) & 0x8cec). However, it->options[i] is an...
UBUNTU-CVE-2025-38483
In the Linux kernel, the following vulnerability has been resolved: comedi: das16m1: Fix bit shift out of bounds. When checking for a supported IRQ number, the following test is used: /* only irqs 2, 3, 4, 5, 6, 7, 10, 11, 12, 14, and 15 are valid */ if ((1 << it->options[1]) & 0xdcfc). However, it->options[i] is an...