12 matches found
CVE-2024-49400
Tacquito prior to commit 07b49d1358e6ec0b5aa482fcd284f509191119e2 was not properly performing regex matches on authorized commands and arguments. Configured allowed commands/arguments were intended to require a match on the entire string, but instead only enforced a match on a sub-string. That...
GO-2024-3207 Permissive Regular Expression in tacquito in github.com/facebookincubator/tacquito
Permissive Regular Expression in tacquito in github.com/facebookincubator/tacquito...
Permissive Regular Expression
github.com/facebookincubator/tacquito is vulnerable to Permissive Regular Expression. The vulnerability is due to permissive regex matching where the system matches sub-strings instead of the entire string for authorized commands and arguments. This could allow unauthorized commands to be execute...
Permissive Regular Expression in tacquito
Impact The CVE is for a software vulnerability. Network admins who have deployed tacquito or versions of tacquito in their production environments and use tacquito to perform command authorization for network devices should be impacted. Tacquito code prior to commit...
GHSA-P5WF-CMR4-XRWR Permissive Regular Expression in tacquito
Impact The CVE is for a software vulnerability. Network admins who have deployed tacquito or versions of tacquito in their production environments and use tacquito to perform command authorization for network devices should be impacted. Tacquito code prior to commit...
GHSA-J42F-WC6V-5XPQ Duplicate Advisory: Permissive Regular Expression in tacquito
Tacquito prior to commit 07b49d1358e6ec0b5aa482fcd284f509191119e2 was not properly performing regex matches on authorized commands and arguments. Configured allowed commands/arguments were intended to require a match on the entire string, but instead only enforced a match on a sub-string. That...
Duplicate Advisory: Permissive Regular Expression in tacquito
Tacquito prior to commit 07b49d1358e6ec0b5aa482fcd284f509191119e2 was not properly performing regex matches on authorized commands and arguments. Configured allowed commands/arguments were intended to require a match on the entire string, but instead only enforced a match on a sub-string. That...
CVE-2024-49400
Tacquito prior to commit 07b49d1358e6ec0b5aa482fcd284f509191119e2 was not properly performing regex matches on authorized commands and arguments. Configured allowed commands/arguments were intended to require a match on the entire string, but instead only enforced a match on a sub-string. That...
CVE-2024-49400
Tacquito prior to commit 07b49d1358e6ec0b5aa482fcd284f509191119e2 was not properly performing regex matches on authorized commands and arguments. Configured allowed commands/arguments were intended to require a match on the entire string, but instead only enforced a match on a sub-string. That...
CVE-2024-49400
Tacquito contains a Permissive Regular Expression vulnerability where the code prior to commit 07b49d1358e6ec0b5aa482fcd284f509191119e2 performed regex matches on authorized commands and arguments in a more permissive way, enforcing a substring rather than a full-string match. This could potentia...
CVE-2024-49400
Tacquito prior to commit 07b49d1358e6ec0b5aa482fcd284f509191119e2 was not properly performing regex matches on authorized commands and arguments. Configured allowed commands/arguments were intended to require a match on the entire string, but instead only enforced a match on a sub-string. That...
PT-2024-33511 · Tacquito · Tacquito
Name of the Vulnerable Software and Affected Versions: Tacquito versions prior to commit 07b49d1358e6ec0b5aa482fcd284f509191119e2 Description: The issue concerns the improper performance of regex matches on authorized commands and arguments. Configured allowed commands/arguments were intended to...