Lucene search
Veracode Vulnerability DatabaseVERACODE:38375HistoryDec 08, 2022 - 6:57 a.m.
OS Command Injection
2022-12-0806:57:54
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
os command injection
nadesiko3
vulnerability
compression
decompression
attacker
arbitrary commands
EPSS
0.005
Percentile
77.8%
nadesiko3 is vulnerable to OS command injection. The vulnerability exists due to compression and decompression which allows an attacker to inject and execute arbitrary commands.
References
github.com/kujirahand/nadesiko3/commit/56ccfb2f9cceaec83e6a9d3024c3ba8c54ebe1a4
github.com/kujirahand/nadesiko3/commit/bb6dcb43efa109edd8165fce92277fc8806c77d4
github.com/kujirahand/nadesiko3/issues/1325
github.com/kujirahand/nadesiko3/issues/1347
github.com/kujirahand/nadesiko3/releases/tag/3.3.62
github.com/kujirahand/nadesiko3/releases/tag/3.3.69
jvn.jp/en/jp/JVN56968681/index.html
Related
prion
prion
Command injection
2022-12-05 04:15:00
github
github
Nadesiko3 OS Command Injection vulnerability
2022-12-05 06:30:22
osv
osv
Nadesiko3 OS Command Injection vulnerability
2022-12-05 06:30:22
nvd
nvd
CVE-2022-41642
2022-12-05 04:15:09
cvelist
cvelist
CVE-2022-41642
2022-12-05 00:00:00
cve
cve
CVE-2022-41642
2022-12-05 04:15:09
jvn
jvn
JVN#56968681: Multiple vulnerabilities in nadesiko3
2022-10-20 00:00:00