11 matches found
environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks
A flaw was found in the way Unicode standards are implemented in the context of development environments, which have specialized requirements for rendering text. An attacker could exploit this to deceive a human reviewer by creating a malicious patch containing well placed BiDi characters. The...
RHEL 7 : devtoolset-10-binutils (RHSA-2021:4723)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4723 advisory. The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar...
CentOS 8 : annobin (CESA-2021:4593)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:4593 advisory. - Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 Note that Nessus has not tested for thi...
environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks
A flaw was found in the way Unicode standards are implemented in the context of development environments, which have specialized requirements for rendering text. An attacker could exploit this to deceive a human reviewer by creating a malicious patch containing well placed BiDi characters. The...
Moderate: Red Hat Security Advisory: gcc-toolset-10-binutils security update
An update for gcc-toolset-10-binutils is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...
binutils security update
An update is available for binutils. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The binutils packages provide a collection of binary utilities for the...
gcc-toolset-10-annobin security update
An update is available for gcc-toolset-10-annobin. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Annobin provides a compiler plugin to annotate and tools to...
Moderate: Red Hat Security Advisory: binutils security update
An update for binutils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks
A flaw was found in the way Unicode standards are implemented in the context of development environments, which have specialized requirements for rendering text. An attacker could exploit this to deceive a human reviewer by creating a malicious patch containing well placed BiDi characters. The...
Unicode characters allow malicious code to be hidden from a human reviewer (Bitbucket Server / DC) - CVE-2021-42574
Researchers at the University of Cambridge reported a vulnerability affecting Bitbucket Server / DC where special characters, known as Unicode bidirectional override characters, are not rendered or displayed in the affected applications. These special characters are typically not displayed by the...
Ubuntu Update for thunderbird vulnerabilities USN-915-1
Ubuntu Update for Linux kernel vulnerabilities USN-915-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9151.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for thunderbird vulnerabilities USN-915-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...