22 matches found
CVE-2026-32059
OpenClaw version 2026.2.22-2 prior to 2026.2.23 tools.exec.safeBins validation for sort command fails to properly validate GNU long-option abbreviations, allowing attackers to bypass denied-flag checks via abbreviated options. Remote attackers can execute sort commands with abbreviated long optio...
CVE-2026-32059
OpenClaw contains a vulnerability in tools.exec.safeBins for sort: in versions up to 2026.2.22-2, GNU long-option abbreviations could bypass deny checks in allowlist mode, allowing remote actors to execute abbreviated long options without approval. The issue is caused by how long options are vali...
CVE-2026-32059 OpenClaw 2026.2.22-2 < 2026.2.23 - Allowlist Bypass via sort Long-Option Abbreviation in tools.exec.safeBins
OpenClaw version 2026.2.22-2 prior to 2026.2.23 tools.exec.safeBins validation for sort command fails to properly validate GNU long-option abbreviations, allowing attackers to bypass denied-flag checks via abbreviated options. Remote attackers can execute sort commands with abbreviated long optio...
EUVD-2026-11148
OpenClaw version 2026.2.22-2 prior to 2026.2.23 tools.exec.safeBins validation for sort command fails to properly validate GNU long-option abbreviations, allowing attackers to bypass denied-flag checks via abbreviated options. Remote attackers can execute sort commands with abbreviated long optio...
PT-2026-24669
Summary In OpenClaw, tools.exec.safeBins validation for sort could be bypassed via GNU long-option abbreviations in allowlist mode, allowing approval-free execution paths that should require approval. Affected Packages / Versions - Ecosystem: npm - Package: openclaw - Latest published version...
MiracleLinux 4 : coreutils-8.4-31.2.0.1.AXS4 (AXSA:2014-028:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-028:01 advisory. These are the GNU core utilities. This package is the combination of the old GNU fileutils, sh-utils, and textutils packages. Security issues fixed...
EUVD-2013-0255
Malware in sbrugna...
redis: Integer overflow in the Redis SETRANGE and SORT/SORT_RO commands may result with false OOM panic
A flaw was found in Redis, an in-memory database that persists on disk. This flaw allows authenticated users to issue specially crafted SETRANGE and SORT_RO commands to trigger an integer overflow, resulting in Redis attempting to allocate impossible amounts of memory and abort with an out-of-memo...
BIT-REDIS-2022-35977 Integer overflow in certain command arguments can drive Redis to OOM panic
Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SETRANGE and SORT_RO commands can trigger an integer overflow, resulting with Redis attempting to allocate impossible amounts of memory and abort with an out-of-memory (OOM) panic. The problem is fixe...
K16859: SUSE coreutils vulnerabilities CVE-2013-0221, CVE-2013-0222, and CVE-2013-0223
Security Advisory Description CVE-2013-0221 The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the sort command, when using the (1) -d or (2) -M switch, which triggers a stack-based buffer...
AZL-13125 CVE-2022-35977 affecting package redis for versions less than 6.2.9-1
Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SETRANGE and SORT_RO commands can trigger an integer overflow, resulting with Redis attempting to allocate impossible amounts of memory and abort with an out-of-memory (OOM) panic. The problem is fixe...
UBUNTU-CVE-2022-35977
Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SETRANGE and SORT_RO commands can trigger an integer overflow, resulting with Redis attempting to allocate impossible amounts of memory and abort with an out-of-memory (OOM) panic. The problem is fixe...
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the sort command when using the (1) -d or (2) -M switch which triggers a stack-based buffer overflow in the alloca function.
...
CVE-2013-0221
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the sort command, when using the (1) -d or (2) -M switch, which triggers a stack-based buffer overflow in the alloca function...
coreutils: segfault in "sort -d" and "sort -M" with long line input
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the sort command, when using the (1) -d or (2) -M switch, which triggers a stack-based buffer overflow in the alloca function...
sort, uniq, join utilities resources exhaustion
Resources exhaustion on oversized string...
Security Update: [CSSA-2002-SCO.21] OpenServer 5.0.5 OpenServer 5.0.6 : sort command creates temporary files insecurely
To: [email protected] [email protected] [email protected] Caldera International, Inc. Security Advisory Subject: OpenServer 5.0.5 OpenServer 5.0.6 : sort command creates temporary files insecurely Advisory number: CSSA-2002-SCO.21 Issue date: 2002 May 28 Cross reference: 1...