CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
Description
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-136 · CAPEC-15 · CAPEC-183 · CAPEC-248 · CAPEC-40 · CAPEC-43 · CAPEC-75 · CAPEC-76
CVEs mapped to this weakness (1,552)
Page 70 of 78

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-43396 | — | — | 0.00 | — | 0.57 | | Dec 30, 2022 | In the fix for CVE-2022-24697, a blacklist is used to filter user input commands. But there is a risk of being bypassed. The user can control the command by controlling the kylin.engine.spark-cmd parameter of conf. |
| CVE-2022-46421 | — | — | 0.00 | — | 0.03 | | Dec 20, 2022 | Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache Airflow Hive Provider. This issue affects Apache Airflow Hive Provider: before 5.0.0. |
| CVE-2022-24377 | — | — | 0.00 | — | 0.02 | | Dec 15, 2022 | The package cycle-import-check before 1.3.2 are vulnerable to Command Injection via the writeFileToTmpDirAndOpenIt function due to improper user-input sanitization. |
| CVE-2022-45907 | — | — | 0.00 | — | 0.01 | | Nov 26, 2022 | In PyTorch before trunk/89695, torch.jit.annotations.parse_type_line can cause arbitrary code execution because eval is used unsafely. |
| CVE-2022-45462 | — | — | 0.00 | — | 0.03 | | Nov 23, 2022 | Alarm instance management has command injection when there is a specific command configured. It is only for logged-in users. We recommend you upgrade to version 2.0.6 or higher |
| CVE-2022-43695 | — | — | 0.00 | — | 0.01 | | Nov 14, 2022 | Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Stored Cross-Site Scripting (XSS) in dashboard/system/express/entities/associations because Concrete CMS allows association with an entity name that doesn’t exist or, if it does exist,… |
| CVE-2022-42906 | — | — | 0.00 | — | 0.00 | | Oct 13, 2022 | powerline-gitstatus (aka Powerline Gitstatus) before 1.3.2 allows arbitrary code execution. git repositories can contain per-repository configuration that changes the behavior of git, including running arbitrary commands. When using powerline-gitstatus, changing to a directory… |
| CVE-2022-39243 | — | — | 0.00 | — | 0.01 | | Sep 26, 2022 | NuProcess is an external process execution implementation for Java. In all the versions of NuProcess where it forks processes by using the JVM's Java_java_lang_UNIXProcess_forkAndExec method (1.2.0+), attackers can use NUL characters in their strings to perform command line… |
| CVE-2022-21165 | — | — | 0.00 | — | 0.03 | | Aug 29, 2022 | All versions of package font-converter are vulnerable to Arbitrary Command Injection due to missing sanitization of input that potentially flows into the child_process.exec() function. |
| CVE-2022-36633 | — | — | 0.00 | — | 0.49 | | Aug 24, 2022 | Teleport 9.3.6 is vulnerable to Command injection leading to Remote Code Execution. An attacker can craft a malicious ssh agent installation link by URL encoding a bash escape with carriage return line feed. This url encoded payload can be used in place of a token and sent to a… |
| CVE-2022-35954 | — | — | 0.00 | — | 0.01 | | Aug 13, 2022 | The GitHub Actions ToolKit provides a set of packages to make creating actions easier. The `core.exportVariable` function uses a well known delimiter that attackers can use to break out of that specific variable and assign values to other arbitrary variables. Workflows that… |
| CVE-2022-21186 | — | — | 0.00 | — | 0.25 | | Aug 5, 2022 | The package @acrontum/filesystem-template before 0.0.2 are vulnerable to Arbitrary Command Injection due to the fetchRepo API missing sanitization of the href field of external input. |
| CVE-2020-28423 | — | — | 0.00 | — | 0.01 | | Aug 2, 2022 | This affects all versions of package monorepo-build. |
| CVE-2020-28425 | — | — | 0.00 | — | 0.01 | | Aug 2, 2022 | This affects all versions of package curljs. |
| CVE-2020-28433 | — | — | 0.00 | — | 0.01 | | Aug 2, 2022 | This affects all versions of package node-latex-pdf. |
| CVE-2020-7795 | — | — | 0.00 | — | 0.04 | | Aug 2, 2022 | The package get-npm-package-version before 1.0.7 are vulnerable to Command Injection via main function in index.js. |
| CVE-2020-28434 | — | — | 0.00 | — | 0.01 | | Aug 2, 2022 | This affects all versions of package gitblame. The injection point is located in line 15 in lib/gitblame.js. |
| CVE-2020-28437 | — | — | 0.00 | — | 0.01 | | Aug 2, 2022 | This affects all versions of package heroku-env. The injection point is located in lib/get.js which is required by index.js. |
| CVE-2020-28451 | — | — | 0.00 | — | 0.01 | | Aug 2, 2022 | This affects the package image-tiler before 2.0.2. |
| CVE-2020-28453 | — | — | 0.00 | — | 0.01 | | Aug 2, 2022 | This affects all versions of package npos-tesseract. The injection point is located in line 55 in lib/ocr.js. |