BIT-LIBPYTHON-2023-6507 Groups not dropped before running subprocess when using empty 'extra_groups' parameter

An issue was found in CPython 3.12.0 subprocess module on POSIX platforms. The issue was fixed in CPython 3.12.1 and does not affect other stable releases. When using the extragroups= parameter with an empty list as a value ie extragroups= the logic regressed to not call setgroups0, NULL before...

PT-2025-32492 · Pypi · Ms-Swift

I. Detailed Description: 1. Install ms-swift pip install ms-swift -U 2. Start web-ui swift web-ui --lang en 3. After startup, access through browser at http://localhost:7860/ to see the launched fine-tuning framework program 4. Fill in necessary parameters In the LLM Training interface, fill in...

CVE-2025-34073

An unauthenticated command injection vulnerability exists in stamparm/maltrail Maltrail versions =0.54. A remote attacker can execute arbitrary operating system commands via the username parameter in a POST request to the /login endpoint. This occurs due to unsafe handling of user-supplied input...

PT-2025-27631

Name of the Vulnerable Software and Affected Versions: Maltrail versions =0.54 Description: An unauthenticated command injection issue exists, allowing a remote attacker to execute arbitrary operating system commands via the username parameter in a POST request to the "/login" endpoint. This occu...

ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess (>=0.1.0 <=0.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +9710 more potentially affected by CVE-2025-41234 via org.springframework:spring-web (>=6.2.0 <=6.2.7)

org.springframework:spring-web MAVEN version =6.2.0, =0.1.0, =0.1.0, =0.114.0, =0.114.0, =0.5.0, =0.8.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.24, =1.0.27, =1.0.28 and more Source cves: CVE-2025-41234 Source advisory: OSV:GHSA-6R3C-XF4W-JXJM...

VulnCheck KEV: CVE-2022-31161

Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Prior to version 6.1.1.0, the system command can be run remotely via the subprocessexecute function without processing the inputs received from the user in the /app/options.py file. Version 6.1.1.0 contains a patch...

CVE-2024-3121

A remote code execution vulnerability exists in the createcondaenv function of the parisneo/lollms repository, version 5.9.0. The vulnerability arises from the use of shell=True in the subprocess.Popen function, which allows an attacker to inject arbitrary commands by manipulating the envname and...

CVE-2024-40647

sentry-sdk is the official Python SDK for Sentry.io. A bug in Sentry's Python SDK 2.8.0 allows the environment variables to be passed to subprocesses despite the env= setting. In Python's subprocess calls, all environment variables are passed to subprocesses by default. However, if you specifical...

ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess (>=0.1.0 <=0.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +15719 more potentially affected by CVE-2025-22233 via org.springframework:spring-context (>=6.2.0 <=6.2.6)

org.springframework:spring-context MAVEN version =6.2.0, =0.1.0, =0.1.0, =0.114.0, =0.114.0, =0.114.0, =0.114.0, =0.5.0, =0.8.0, =0.9.0 - ai.astraform:remote-domain-author-kit-java =0.1.0 and more Source cves: CVE-2025-22233 Source advisory: OSV:GHSA-4WP7-92PW-Q264...

OS Command Injection

aworld is vulnerable to OS Command Injection. The vulnerability is due to improper input sanitization due to unsafe use of subprocess.run and subprocess.Popen in AWorld/aworld/virtualenvironments/terminals/shelltool.py, which allows remote attackers to execute arbitrary operating system commands ...

Inclusion of Functionality from Untrusted Control Sphere

Overview github.com/elastic/elastic-agent is an a single, unified way to add monitoring for logs, metrics, and other types of data to a host. Affected versions of this package are vulnerable to Inclusion of Functionality from Untrusted Control Sphere via parameter injection in the osqueryd...

Arbitrary Command Injection

Overview aworld is an Ant Agent Package Affected versions of this package are vulnerable to Arbitrary Command Injection through the subprocess.run and subprocess.Popen functions in shelltool.py. This allows an attacker to inject malicious commands due to insufficient sanitization of user-supplied...

AWorld OS Command Injection vulnerability

A vulnerability was found in inclusionAI AWorld up to 8c257626e648d98d793dd9a1a950c2af4dd84c4e. It has been rated as critical. This issue affects the function subprocess.run/subprocess.Popen of the file AWorld/aworld/virtualenvironments/terminals/shelltool.py. The manipulation leads to os command...

CVE-2025-4032

A vulnerability was found in inclusionAI AWorld up to 8c257626e648d98d793dd9a1a950c2af4dd84c4e. It has been rated as critical. This issue affects the function subprocess.run/subprocess.Popen of the file AWorld/aworld/virtualenvironments/terminals/shelltool.py. The manipulation leads to os command...

AWorld 命令注入漏洞

AWorld is an easy to build, evaluate, and run generic multi-agent assistance program open-sourced by inclusionAI. AWorld suffers from a command injection vulnerability that stems from incorrect manipulation of the function subprocess.run/subprocess.Popen resulting in os command injection...

PT-2025-18101 · Unknown · Inclusionai Aworld

Name of the Vulnerable Software and Affected Versions: inclusionAI AWorld up to 8c257626e648d98d793dd9a1a950c2af4dd84c4e Description: A critical issue affects the subprocess.run/subprocess.Popen function of the file AWorld/aworld/virtual environments/terminals/shell tool.py, leading to os command...

CVE-2024-9920

In version v12 of parisneo/lollms-webui, the 'Send file to AL' function allows uploading files with various extensions, including potentially dangerous ones like .py, .sh, .bat, and more. Attackers can exploit this by uploading files with malicious content and then using the '/openfile' API...

CVE-2024-9920

CVE-2024-9920 affects parisneo/lollms-webui (v12). The vulnerability occurs in the “Send file to AL” feature, which accepts file uploads with extensions such as .py/.sh/.bat and then can execute them via the /open_file endpoint. Root cause: files are opened with subprocess.Popen without proper va...

BIT-PYTHON-MIN-2023-6507 Groups not dropped before running subprocess when using empty 'extra_groups' parameter

An issue was found in CPython 3.12.0 subprocess module on POSIX platforms. The issue was fixed in CPython 3.12.1 and does not affect other stable releases. When using the extragroups= parameter with an empty list as a value ie extragroups= the logic regressed to not call setgroups0, NULL before...

Bug Bounty Report: Command Injection Vulnerability in subprocess Call

This report is not public...