33225 matches found
uutils coreutils has an Improper Input Validation Issue in its cut Utility
A logic error in the cut utility of uutils coreutils causes the program to incorrectly interpret the literal two-byte string '' two single quotes as an empty delimiter. The implementation mistakenly maps this string to the NUL character for both the -d delimiter and --output-delimiter options. Th...
uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition
A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the split utility of uutils coreutils. The program attempts to prevent data loss by checking for identity between input and output files using their file paths before initiating the split operation. However, the utility subsequently...
uutils coreutils has an Incorrect Provision of Specified Functionality Issue
A logic error in the tr utility of uutils coreutils causes the program to incorrectly define the :graph: and :print: character classes. The implementation mistakenly includes the ASCII space character 0x20 in the :graph: class and excludes it from the :print: class, effectively reversing the...
uutils coreutils has an Improper Input Validation Issue in its env Utility
A logic error in the env utility of uutils coreutils causes a failure to correctly parse command-line arguments when utilizing the -S split-string option. In GNU env, backslashes within single quotes are treated literally with the exceptions of \ and '. However, the uutils implementation...
Duplicate Advisory: uutils coreutils has an Incorrect Provision of Specified Functionality Issue in its cut Utility
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-pmfc-4wjj-gmhx. This link is maintained to preserve external references. Original Description A logic error in the cut utility of uutils coreutils causes the utility to ignore the -s only-delimited flag when usi...
uutils coreutils has an Improper Handling of Unicode Encoding Issue
A logic error in the split utility of uutils coreutils causes the corruption of output filenames when provided with non-UTF-8 prefix or suffix inputs. The implementation utilizes tostringlossy when constructing chunk filenames, which automatically rewrites invalid byte sequences into the UTF-8...
Duplicate Advisory: uutils coreutils has an Incorrect Authorization issue
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-47c7-qrm7-mqw7. This link is maintained to preserve external references. Original Description The id utility in uutils coreutils miscalculates the groups= section of its output. The implementation uses a user's...
Duplicate Advisory: uutils coreutils's User Interface (UI) Misrepresents Critical Information
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xv5w-cw7x-72gj. This link is maintained to preserve external references. Original Description The id utility in uutils coreutils exhibits incorrect behavior in its "pretty print" output when the real UID and...
Duplicate Advisory: uutils coreutils has an Improper Handling of Unicode Encoding Issue
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-jcjr-rh8q-7xqf. This link is maintained to preserve external references. Original Description A logic error in the ln utility of uutils coreutils causes the program to reject source paths containing non-UTF-8...
uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition
A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the chcon utility of uutils coreutils during recursive operations. The implementation resolves recursive targets using a fresh path lookup via ftsaccpath rather than binding the traversal and label application to the specific directory...
uutils coreutils has a UNIX Symbolic Link (Symlink) Following issue
A logic error in the ln utility of uutils coreutils allows the utility to dereference a symbolic link target even when the --no-dereference or -n flag is explicitly provided. The implementation previously only honored the "no-dereference" intent if the --force overwrite mode was also enabled. Thi...
Duplicate Advisory: uutils coreutils has an Improper Input Validation issue
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-p6rv-2qpm-fwvg. This link is maintained to preserve external references. Original Description An argument parsing error in the kill utility of uutils coreutils incorrectly interprets kill -1 as a request to send...
Duplicate Advisory: uutils coreutils has a Link Following issue
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-h444-6j9x-p8vh. This link is maintained to preserve external references. Original Description The mv utility in uutils coreutils improperly handles directory trees containing symbolic links during moves across...
uutils coreutils has an Unchecked Return Value Issue
The dd utility in uutils coreutils suppresses errors during file truncation operations by unconditionally calling Result::ok on truncation attempts. While intended to mimic GNU behavior for special files like /dev/null, the uutils implementation also hides failures on regular files and directorie...
uutils coreutils has a Time-of-Check to Time-of-Use (TOCTOU) race condition
A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the mv utility of uutils coreutils during cross-device moves. The extended attribute xattr preservation logic uses multiple path-based system calls that perform fresh path-to-inode lookups for each operation. A local attacker with writ...
Duplicate Advisory: uutils coreutils has an Improper Preservation of Permissions issue
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-r9hw-mj3w-phcq. This link is maintained to preserve external references. Original Description The mknod utility in uutils coreutils fails to handle security labels atomically by creating device nodes before...
Duplicate Advisory: uutils coreutils Uses Incorrectly-Resolved Name or Reference
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-8vrf-r662-2w2v. This link is maintained to preserve external references. Original Description The cp utility in uutils coreutils, when performing recursive copies -R, incorrectly treats character and block devic...
uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition
The touch utility in uutils coreutils is vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition during file creation. When the utility identifies a missing path, it later attempts creation using File::create, which internally uses OTRUNC. An attacker can exploit this window to create ...
uutils coreutils doesn't preserve file ownership during moves across different filesystem boundaries
The mv utility in uutils coreutils fails to preserve file ownership during moves across different filesystem boundaries. The utility falls back to a copy-and-delete routine that creates the destination file using the caller's UID/GID rather than the source's metadata. This flaw breaks backups and...
Duplicate Advisory: uutils coreutils has an Issue With its Always-Incorrect Control Flow Implementation
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-wv33-5pxh-r7j7. This link is maintained to preserve external references. Original Description The cut utility in uutils coreutils incorrectly handles the -s only-delimited option when a newline character is...
uutils coreutils has a Link Following issue
A Time-of-Check to Time-of-Use TOCTOU vulnerability in the cp utility of uutils coreutils allows an attacker to bypass no-dereference intent. The utility checks if a source path is a symbolic link using path-based metadata but subsequently opens it without the ONOFOLLOW flag. An attacker with...
Duplicate Advisory: uutils coreutils has a Link Following Issue Via rm Utility
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-7cr3-h577-g38j. This link is maintained to preserve external references. Original Description A vulnerability in the rm utility of uutils coreutils allows a bypass of the --preserve-root protection. The...
Duplicate Advisory: coreutils' comm utility silently corrupts data by performing lossy UTF-8 conversion on all output lines
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-6gcw-w7cp-94g9. This link is maintained to preserve external references. Original Description The comm utility in uutils coreutils silently corrupts data by performing lossy UTF-8 conversion on all output lines...
uutils coreutils has an Incorrect Permission Assignment for Critical Resource
The nohup utility in uutils coreutils creates its default output file, nohup.out, without specifying explicit restricted permissions. This causes the file to inherit umask-based permissions, typically resulting in a world-readable file 0644. In multi-user environments, this allows any user on the...
Duplicate Advisory: uutils coreutils has a Time-of-Check to Time-of-Use (TOCTOU) race condition
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-gwm6-q8ch-hcfr. This link is maintained to preserve external references. Original Description A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the install utility of uutils coreutils when using the ...
uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition
A Time-of-Check to Time-of-Use TOCTOU race condition exists in the mv utility of uutils coreutils during cross-device operations. The utility removes the destination path before recreating it through a copy operation. A local attacker with write access to the destination directory can exploit thi...
uutils coreutils doesn't properly handle setuid and setgid bits when ownership preservation fails
The cp utility in uutils coreutils fails to properly handle setuid and setgid bits when ownership preservation fails. When copying with the -p preserve flag, the utility applies the source mode bits even if the chown operation is unsuccessful. This can result in a user-owned copy retaining origin...
Duplicate Advisory: uutils coreutils has an Improper Check for Unusual or Exceptional Conditions
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-p7h3-7q52-72w8. This link is maintained to preserve external references. Original Description The printenv utility in uutils coreutils fails to display environment variables containing invalid UTF-8 byte...
Duplicate Advisory: uutils coreutils' comm utility incorrectly consumes data from non-regular file inputs before performing comparison operations
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-3wfc-mgpm-9rq6. This link is maintained to preserve external references. Original Description The comm utility in uutils coreutils incorrectly consumes data from non-regular file inputs before performing...
Duplicate Advisory: uutils coreutils has a Time-of-Check to Time-of-Use (TOCTOU) race condition
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-239g-2685-54x3. This link is maintained to preserve external references. Original Description The install utility in uutils coreutils is vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition during...
Duplicate Advisory: uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-mj6p-44ch-cq69. This link is maintained to preserve external references. Original Description The mkdir utility in uutils coreutils incorrectly applies permissions when using the -m flag by creating a directory...
uutils coreutils has a Time-of-Check to Time-of-Use (TOCTOU) race condition
A Time-of-Check to Time-of-Use TOCTOU race condition exists in the mkfifo utility of uutils coreutils. The utility creates a FIFO and then performs a path-based chmod to set permissions. A local attacker with write access to the parent directory can swap the newly created FIFO for a symbolic link...
Duplicate Advisory: uutils coreutils has a Path Traversal issue
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-89p7-7cq3-hhr2. This link is maintained to preserve external references. Original Description A vulnerability in the rm utility of uutils coreutils allows the bypass of safeguard mechanisms intended to protect t...
Duplicate Advisory: uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-w6xc-g9qj-vp32. This link is maintained to preserve external references. Original Description The safetraversal module in uutils coreutils, which provides protection against Time-of-Check to Time-of-Use TOCTOU...
uutils coreutils has an Uncaught Exception When Encountering Valid but Non-UTF-8 Paths
The sort utility in uutils coreutils is vulnerable to a process panic when using the --files0-from option with inputs containing non-UTF-8 filenames. The implementation enforces UTF-8 encoding and utilizes expect, causing an immediate crash when encountering valid but non-UTF-8 paths. This diverg...
uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition
The cp utility in uutils coreutils is vulnerable to an information disclosure race condition. Destination files are initially created with umask-derived permissions e.g., 0644 before being restricted to their final mode e.g., 0600 later in the process. A local attacker can race to open the file...
uutils coreutils has an Untrusted Search Path
A vulnerability exists in the chroot utility of uutils coreutils when using the --userspec option. The utility resolves the user specification via getpwnam after entering the chroot but before dropping root privileges. On glibc-based systems, this can trigger the Name Service Switch NSS to load...
Duplicate Advisory: uutils coreutils allows unauthorized modification of permissions on existing files
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-pmf6-rcx4-v53v. This link is maintained to preserve external references. Original Description A vulnerability in uutils coreutils mkfifo allows for the unauthorized modification of permissions on existing files...
Duplicate Advisory: uutils coreutils has an Incorrect Check of Function Return Value
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-2x2h-fw32-rq7v. This link is maintained to preserve external references. Original Description A flaw in the ChownExecutor used by uutils coreutils chown and chgrp causes the utilities to return an incorrect exit...
Duplicate Advisory: uutils coreutils allows users to bypass the --preserve-root safety mechanism
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-4c7q-4928-8445. This link is maintained to preserve external references. Original Description A vulnerability in the chmod utility of uutils coreutils allows users to bypass the --preserve-root safety mechanism...
Silverpeas Core has a reflected cross-site scripting vulnerability
A reflected cross-site scripting XSS vulnerability in the AdvancedSearch functionality of Silverpeas Core allows attackers to execute arbitrary JavaScript in the context of a user's browser via crafted input...
Duplicate Advisory: uutils coreutils' mktemp utility doesn't properly handle an empty TMPDIR environment variable
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-2w8r-9xj7-69j5. This link is maintained to preserve external references. Original Description The mktemp utility in uutils coreutils fails to properly handle an empty TMPDIR environment variable. Unlike GNU...
Duplicate Advisory: uutils coreutils incorrectly handles exit codes when processing multiple files
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-4x34-chg5-mwjj. This link is maintained to preserve external references. Original Description The recursive mode -R of the chmod utility in uutils coreutils incorrectly handles exit codes when processing multipl...
uutils coreutils has a Link Following Issue
A vulnerability in the tail utility of uutils coreutils allows for the exfiltration of sensitive file contents when using the --follow=name option. Unlike GNU tail, the uutils implementation continues to monitor a path after it has been replaced by a symbolic link, subsequently outputting the...
Inspektor Gadget: Command Injection via malicious buildOptions manipulation
Impacted Resources inspektor-gadget/cmd/common/image/build.go inspektor-gadget/cmd/common/image/helpers/Makefile.build Description The ig binary provides a subcommand for image building, used to generate custom gadget OCI images. A part of this functionality is implemented in the file...
i18next-fs-backend: Path traversal via unsanitised lng/ns allows arbitrary file read/overwrite
Summary Versions of i18next-fs-backend prior to 2.6.4 interpolate the caller-supplied lng and ns values directly into the configured loadPath and addPath templates with no path-component validation and no sanitisation. When an application exposes the resolved language code to user-controlled inpu...
i18nextify has DOM XSS via javascript:/data: URL schemes in translated href/src attributes
Summary Versions of i18nextify prior to 4.0.8 substitute key interpolation tokens inside src and href attribute values with the raw string returned by i18next.t. The substitution logic in src/localize.js replaceInside handler around line 122 only guards against a duplicated http:// origin prefix ...
i18next-http-backend has Path Traversal & URL Injection via Unsanitised lng/ns
Summary Versions of i18next-http-backend prior to 3.0.5 interpolate the lng and ns values directly into the configured loadPath / addPath URL template without any encoding, validation, or path sanitisation. When an application exposes the language-code selection to user-controlled input the defau...
i18next-http-middleware: Prototype pollution and path traversal via user-controlled language and namespace parameters
Summary Versions of i18next-http-middleware prior to 3.9.3 pass user-controlled lng and ns parameters to two internal paths that use them in ways that enable prototype pollution and, depending on the configured backend, path traversal or SSRF. The vulnerable entry points are unauthenticated HTTP...
Daptin: SQL injection via unvalidated goqu.L() calls in aggregate API
Summary The /aggregate/:typename endpoint accepted column and group query parameters that were passed verbatim to goqu.L — a raw SQL literal expression builder — without any validation. This bypassed all parameterization and allowed authenticated users with any valid session to inject arbitrary S...