EUVD-2022-0042

Malicious code in bioql PyPI...

SUSE CVE-2019-10800

This affects the package codecov before 2.0.16. The vulnerability occurs due to not sanitizing gcov arguments before being being provided to the popen method...

GHSA-H3QR-FJHM-JPHW Codecov does not sanitize gcov arguments

This affects the package codecov before 2.0.16. The vulnerability occurs due to not sanitizing gcov arguments before being being provided to the popen method...

Codecov does not sanitize gcov arguments

This affects the package codecov before 2.0.16. The vulnerability occurs due to not sanitizing gcov arguments before being being provided to the popen method...

Security feature bypass

This affects the package codecov before 2.0.16. The vulnerability occurs due to not sanitizing gcov arguments before being being provided to the popen method...

CVE-2019-10800 Command Injection

This affects the package codecov before 2.0.16. The vulnerability occurs due to not sanitizing gcov arguments before being being provided to the popen method...

IBM AIX 3.2.5 - 'IFS' Local Privilege Escalation

source: https://www.securityfocus.com/bid/454/info Under older versions of AIX By changing the IFS enviroment variable to / setuid root programs that use system or popen can be fooled into running user provided programs. !/bin/csh IFS hole in AIX3.2 rmail gives egid=mail. Apr. 1994 Setup needed...