Lucene search
K

74 matches found

Debian CVE
Debian CVE
added 2026/05/12 1:28 p.m.5 views

CVE-2026-27851

When safe filter is used with variable expansion, all following pipelines on the same string are incorrectly interpreted as safe too, enabling unsafe data to be unescaped. This can enable SQL / LDAP injection attacks when used in authentication. Avoid using safe filter until on fixed version. No...

9.1CVSS5.8AI score0.00406EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/05/12 1:28 p.m.11 views

CVE-2026-27851

When safe filter is used with variable expansion, all following pipelines on the same string are incorrectly interpreted as safe too, enabling unsafe data to be unescaped. This can enable SQL / LDAP injection attacks when used in authentication. Avoid using safe filter until on fixed version. No...

9.1CVSS5.8AI score0.00406EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.12 views

PT-2026-40024

Name of the Vulnerable Software and Affected Versions dovecot versions prior to 2.4.4-1.1 Description When the safe filter is used with variable expansion, subsequent pipelines on the same string are incorrectly treated as safe. This behavior allows unsafe data to be unescaped, which can lead to...

9.1CVSS5.8AI score0.00406EPSS
Exploits0References28
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.8 views

Open-Xchange OX Dovecot Pro 安全漏洞

Open-Xchange OX Dovecot Pro is a mail storage and delivery system provided by the German company Open-Xchange. Open-Xchange OX Dovecot Pro has a security vulnerability. This vulnerability arises from the use of a security filter for variable expansion, where all subsequent pipes on the same strin...

9.1CVSS5.9AI score0.00406EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.17 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: grub2 (UTSA-2026-017478)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017478 advisory. A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, usi...

7.2CVSS7.1AI score0.00573EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.6 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python311 (SUSE-SU-2026:1349-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1349-1 advisory. - Updated to Python 3.11.15 - CVE-2025-6075: If the value passed to os.path.expandvars is...

7.5CVSS7.1AI score0.01525EPSS
Exploits0References46
Vulnrichment
Vulnrichment
added 2026/04/09 9:27 p.m.3 views

CVE-2026-40153 PraisonAIAgents Affected by Environment Variable Secret Exfiltration via os.path.expandvars() Bypassing shell=False in Shell Tool

PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, the executecommand function in shelltools.py calls os.path.expandvars on every command argument at line 64, manually re-implementing shell-level environment variable expansion despite using shell=False line 88 for security. This...

7.4CVSS5.8AI score0.00273EPSS
Exploits1References1
OSV
OSV
added 2026/04/08 12:4 a.m.1 views

GHSA-JVPW-637P-H3PW File Browser has a Command Injection via Hook Runner

!NOTE This feature has been disabled by default for all installations from v2.33.8 onwards, including for existent installations. To exploit this vulnerability, the instance administrator must turn on a feature and ignore all the warnings about known vulnerabilities. We're publishing this new...

7.5CVSS6AI score0.01922EPSS
Exploits2References4
SUSE CVE
SUSE CVE
added 2026/03/13 1:15 p.m.6 views

SUSE CVE-2026-32260

Deno is a JavaScript, TypeScript, and WebAssembly runtime. From 2.7.0 to 2.7.1, A command injection vulnerability exists in Deno's node:childprocess polyfill shell: true mode that bypasses the fix for CVE-2026-27190. The two-stage argument sanitization in transformDenoShellCommand...

9.8CVSS6.1AI score0.01483EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.14 views

EulerOS 2.0 SP13 : python3 (EulerOS-SA-2026-1256)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding environment...

7.5CVSS7AI score0.01525EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2026/02/18 12:50 a.m.9 views

OpenClaw exec approvals: safeBins could bypass stdin-only constraints via shell expansion

Summary OpenClaw's exec-approvals allowlist supports a small set of "safe bins" intended to be stdin-only no positional file arguments when running tools.exec.host=gateway|node with security=allowlist. In affected configurations, the allowlist validation checked pre-expansion argv tokens, but...

8.6CVSS5.8AI score0.00167EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/12/09 12:0 a.m.8 views

Amazon Linux 2023 : python3.12, python3.12-devel, python3.12-idle (ALAS2023-2025-1294)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1294 advisory. If the value passed to os.path.expandvars is user-controlled aperformance degradation is possible when expanding environmentvariables. CVE-2025-6075 Tenable has extracted the preceding description bloc...

5.5CVSS6.2AI score0.00136EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2025/11/26 12:0 a.m.6 views

Ubuntu: Security Advisory (USN-7886-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6.8AI score0.00353EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2025/11/24 2:53 p.m.7 views

USN-7886-1: Python vulnerabilities

It was discovered that Python inefficiently handled expanding system environment variables. An attacker could possibly use this issue to cause Python to consume excessive resources, leading to a denial of service. CVE-2025-6075 Caleb Brown discovered that Python incorrectly handled the ZIP64 End ...

5.5CVSS6.8AI score0.00353EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/11/06 10:13 a.m.4 views

CVE-2025-6075

A vulnerability in Python’s os.path.expandvars function that can cause performance degradation. When processing specially crafted, user-controlled input with nested environment variable patterns, the function exhibits quadratic time complexity, potentially leading to excessive CPU usage and denia...

4CVSS7AI score0.00136EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/31 6:31 p.m.3 views

EUVD-2025-37384

If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding environment variables...

1.8CVSS6.3AI score0.00136EPSS
Exploits0References9
OSV
OSV
added 2025/10/31 5:15 p.m.7 views

AZL-69628 CVE-2025-6075 affecting package python3 for versions less than 3.12.9-6

If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding environment variables...

5.5CVSS6.4AI score0.00136EPSS
Exploits0References1
OSV
OSV
added 2025/10/31 5:15 p.m.4 views

UBUNTU-CVE-2025-6075

If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding environment variables...

5.5CVSS6.4AI score0.00136EPSS
Exploits0References5
CVE
CVE
added 2025/10/31 4:41 p.m.48 views

CVE-2025-6075

CVE-2025-6075 affects Python’s os.path.expandvars() with user-controlled input, causing potential performance degradation during environment variable expansion. Connected advisories confirm this affects multiple Python versions and distributions, with patches available: Debian LTS DLA-4445-1 (pyt...

5.5CVSS6.5AI score0.00136EPSS
Exploits0References9Affected Software1
CNNVD
CNNVD
added 2025/10/31 12:0 a.m.6 views

CPython 安全漏洞

CPython is a Python interpreter implemented in C from the Python Foundation. A security vulnerability exists in CPython versions prior to 3.15.0, which stems from a user-controllable value passed to os.path.expandvars that could lead to degraded environment variable expansion performance...

5.5CVSS6.3AI score0.00136EPSS
Exploits0References8
Rows per page
Query Builder