Common Weakness Enumeration

CWE-150

Allowed

Improper Neutralization of Escape, Meta, or Control Sequences

Abstraction: Variant · Status: Incomplete

The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as escape, meta, or control character sequences when they are sent to a downstream component.

115 vulnerabilities reference this CWE, most recent first.

GHSA-FF77-26X5-69CR

Vulnerability from github – Published: 2025-04-28 21:30 – Updated: 2025-11-03 22:56
VLAI
Summary
Apache Tomcat Rewrite rule bypass
Details

Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely rewrite rule configurations, it was possible for a specially crafted request to bypass some rewrite rules. If those rewrite rules effectively enforced security constraints, those constraints could be bypassed.

This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.5, from 10.1.0-M1 through 10.1.39, from 9.0.0.M1 through 9.0.102. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected.

Users are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6, which fix the issue.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 9.0.102"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat:tomcat-catalina"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "9.0.76"
            },
            {
              "fixed": "9.0.104"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat:tomcat-catalina"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "10.1.10"
            },
            {
              "fixed": "10.1.40"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat:tomcat-catalina"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "11.0.0-M2"
            },
            {
              "fixed": "11.0.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 9.0.102"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat.embed:tomcat-embed-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "9.0.76"
            },
            {
              "fixed": "9.0.104"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat.embed:tomcat-embed-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "10.1.10"
            },
            {
              "fixed": "10.1.40"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat.embed:tomcat-embed-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "11.0.0-M2"
            },
            {
              "fixed": "11.0.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat:tomcat-catalina"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.5.0"
            },
            {
              "last_affected": "8.5.100"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat.embed:tomcat-embed-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.5.0"
            },
            {
              "last_affected": "8.5.100"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-31651"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-116",
      "CWE-150"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-04-29T15:03:25Z",
    "nvd_published_at": "2025-04-28T20:15:20Z",
    "severity": "LOW"
  },
  "details": "Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat.\u00a0For a subset of unlikely rewrite rule configurations, it was possible for a specially crafted request to bypass some rewrite rules. If those rewrite rules effectively enforced security constraints, those constraints could be bypassed.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.5, from 10.1.0-M1 through 10.1.39, from 9.0.0.M1 through 9.0.102. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected.\n\nUsers are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6, which fix the issue.",
  "id": "GHSA-ff77-26x5-69cr",
  "modified": "2025-11-03T22:56:57Z",
  "published": "2025-04-28T21:30:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-31651"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tomcat/commit/066bf6b6a15a4e7e0941d4acf096841165b97098"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tomcat/commit/175dc75fc428930034a6c93fb52f830d955d8e64"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tomcat/commit/ee3ab548e92345eca0cbd1f01649eb36c6f29454"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tomcat/commit/fbecc915a10c5a3d634c5e2c6ced4ff479ce9953"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/tomcat"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/list.html?announce@tomcat.apache.org"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html"
    },
    {
      "type": "WEB",
      "url": "https://tomcat.apache.org/security-10.html"
    },
    {
      "type": "WEB",
      "url": "https://tomcat.apache.org/security-11.html"
    },
    {
      "type": "WEB",
      "url": "https://tomcat.apache.org/security-9.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2025/04/28/3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Apache Tomcat Rewrite rule bypass"
}

GHSA-FV2R-R8MP-PG48

Vulnerability from github – Published: 2025-11-06 23:48 – Updated: 2025-11-17 21:49
VLAI
Summary
Soft Serve does not sanitize ANSI escape sequences in user input
Details

Impact

In several places where the user can insert data (e.g. names), ANSI escape sequences are not being removed, which can then be used, for example, to show fake alerts.

In the same token, git messages, when printed, are also not being sanitized.

Places in which this was found:

  1. Repository Description (pkg/backend/repo.go - SetDescription)
  2. Repository Project Name (pkg/backend/repo.go - SetProjectName)
  3. Git Commit Author Names (pkg/ssh/cmd/commit.go:69)
  4. Git Commit Messages (pkg/ssh/cmd/commit.go:71)
  5. Access Token Names (pkg/ssh/cmd/token.go:107)
  6. Webhook URLs (pkg/ssh/cmd/webhooks.go:72)

Patches

v0.11.0

Workarounds

No.

References

n/a

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 0.10.0"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/charmbracelet/soft-serve"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.11.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-64494"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-150"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-11-06T23:48:12Z",
    "nvd_published_at": "2025-11-08T02:15:35Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nIn several places where the user can insert data (e.g. names), ANSI escape sequences are not being removed, which can then be used, for example, to show fake alerts.\n\nIn the same token, git messages, when printed, are also not being sanitized.\n\nPlaces in which this was found:\n\n1. Repository Description (pkg/backend/repo.go - SetDescription)\n2. Repository Project Name (pkg/backend/repo.go - SetProjectName)\n3. Git Commit Author Names (pkg/ssh/cmd/commit.go:69)\n4. Git Commit Messages (pkg/ssh/cmd/commit.go:71)\n5. Access Token Names (pkg/ssh/cmd/token.go:107)\n6. Webhook URLs (pkg/ssh/cmd/webhooks.go:72)\n\n### Patches\nv0.11.0\n\n### Workarounds\nNo.\n\n### References\nn/a",
  "id": "GHSA-fv2r-r8mp-pg48",
  "modified": "2025-11-17T21:49:09Z",
  "published": "2025-11-06T23:48:12Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-fv2r-r8mp-pg48"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64494"
    },
    {
      "type": "WEB",
      "url": "https://github.com/charmbracelet/soft-serve/commit/d9639320b8d0ccd76fe6836a042c042b0ebde549"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/charmbracelet/soft-serve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Soft Serve does not sanitize ANSI escape sequences in user input"
}

GHSA-GMJ6-6F8F-6699

Vulnerability from github – Published: 2024-12-23 17:54 – Updated: 2025-01-08 16:06
VLAI
Summary
Jinja has a sandbox breakout through malicious filenames
Details

A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used.

To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.1.4"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "jinja2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.0.0"
            },
            {
              "fixed": "3.1.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-56201"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-150"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-12-23T17:54:12Z",
    "nvd_published_at": "2024-12-23T16:15:07Z",
    "severity": "MODERATE"
  },
  "details": "A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja\u0027s sandbox is used.\n\nTo exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename.",
  "id": "GHSA-gmj6-6f8f-6699",
  "modified": "2025-01-08T16:06:01Z",
  "published": "2024-12-23T17:54:12Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56201"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pallets/jinja/issues/1792"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/pallets/jinja"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pallets/jinja/releases/tag/3.1.5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Jinja has a sandbox breakout through malicious filenames"
}

GHSA-GP37-M2C5-J775

Vulnerability from github – Published: 2024-05-21 18:31 – Updated: 2024-08-20 18:31
VLAI
Details

RARLAB WinRAR before 7.00, on Windows, allows attackers to spoof the screen output via ANSI escape sequences, a different issue than CVE-2024-33899.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-36052"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-150"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-21T17:15:09Z",
    "severity": "HIGH"
  },
  "details": "RARLAB WinRAR before 7.00, on Windows, allows attackers to spoof the screen output via ANSI escape sequences, a different issue than CVE-2024-33899.",
  "id": "GHSA-gp37-m2c5-j775",
  "modified": "2024-08-20T18:31:14Z",
  "published": "2024-05-21T18:31:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36052"
    },
    {
      "type": "WEB",
      "url": "https://sdushantha.medium.com/ansi-escape-injection-vulnerability-in-winrar-a2cbfac4b983"
    },
    {
      "type": "WEB",
      "url": "https://www.rarlab.com/rarnew.htm"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GRQV-QMHW-8PWC

Vulnerability from github – Published: 2026-04-14 18:30 – Updated: 2026-04-14 18:30
VLAI
Details

Improper neutralization of escape, meta, or control sequences in Microsoft Power Apps allows an authorized attacker to bypass a security feature over a network.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-26149"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-150"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-14T18:16:45Z",
    "severity": "CRITICAL"
  },
  "details": "Improper neutralization of escape, meta, or control sequences in Microsoft Power Apps allows an authorized attacker to bypass a security feature over a network.",
  "id": "GHSA-grqv-qmhw-8pwc",
  "modified": "2026-04-14T18:30:37Z",
  "published": "2026-04-14T18:30:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26149"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26149"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HJ44-M5XV-X75Q

Vulnerability from github – Published: 2026-04-16 03:31 – Updated: 2026-04-17 18:31
VLAI
Details

MuPDF mutool does not sanitize PDF metadata fields before writing them to terminal output, allowing attackers to inject arbitrary ANSI escape sequences through crafted PDF metadata. Attackers can embed malicious ANSI escape codes in PDF metadata that are passed unsanitized to the terminal when running mutool info, enabling them to clear the terminal display and render arbitrary text for social engineering attacks such as presenting fake prompts or spoofed commands.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-40505"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-150"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-16T02:16:11Z",
    "severity": "MODERATE"
  },
  "details": "MuPDF mutool does not sanitize PDF metadata fields before writing them to terminal output, allowing attackers to inject arbitrary ANSI escape sequences through crafted PDF metadata. Attackers can embed malicious ANSI escape codes in PDF metadata that are passed unsanitized to the terminal when running mutool info, enabling them to clear the terminal display and render arbitrary text for social engineering attacks such as presenting fake prompts or spoofed commands.",
  "id": "GHSA-hj44-m5xv-x75q",
  "modified": "2026-04-17T18:31:50Z",
  "published": "2026-04-16T03:31:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40505"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ArtifexSoftware/mupdf/commit/0f17d789fe8c29b41e47663be82514aaca3a4dfb"
    },
    {
      "type": "WEB",
      "url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=0f17d789fe8c29b41e47663be82514aaca3a4dfb"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ArtifexSoftware/mupdf/releases/tag/1.27.0"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/mupdf-mutool-ansi-injection-via-metadata"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-J55R-787P-M549

Vulnerability from github – Published: 2023-08-22 18:00 – Updated: 2023-09-01 19:46
VLAI
Summary
Shescape on Windows escaping may be bypassed in threaded context
Details

Impact

This may impact users that use Shescape on Windows in a threaded context (e.g. using Worker threads). The vulnerability can result in Shescape escaping (or quoting) for the wrong shell, thus allowing attackers to bypass protections depending on the combination of expected and used shell.

This snippet demonstrates a vulnerable use of Shescape:

// vulnerable.js

import { exec } from "node:child_process";
import { Worker, isMainThread } from 'node:worker_threads';

import * as shescape from "shescape";

if (isMainThread) {
  // 1. Something like a worker thread must be used. The reason being that they
  // unexpectedly change environment variable names on Windows.
  new Worker("./vulnerable.js");
} else {
  // 2. Example configuration that's problematic. In this setup example the
  // expected default system shell is CMD. We configure the use of PowerShell.
  // Shescape will fail to look up PowerShell and default to escaping for CMD
  // instead, resulting in the vulnerability.
  const options = {
    shell: "powershell",
    interpolation: true,
  };

  // 3. Using shescape to protect against attacks, this is correct.
  const escaped = shescape.escape("&& ls", options);

  // 4. Invoking a command with the escaped user input, this is vulnerable in
  // this case.
  exec(`echo Hello ${escaped}`, options, (error, stdout) => {
    if (error) {
      console.error(`An error occurred: ${error}`);
    } else {
      console.log(stdout);
    }
  });
}

Patches

This bug has been patched in v1.7.4 which you can upgrade to now. No further changes are required.

Workarounds

If you are impacted there is no workaround possible.

References

For more information

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "shescape"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.7.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-40185"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-150"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-08-22T18:00:04Z",
    "nvd_published_at": "2023-08-23T21:15:09Z",
    "severity": "HIGH"
  },
  "details": "### Impact\n\nThis may impact users that use Shescape on Windows in a threaded context (e.g. using [Worker threads](https://nodejs.org/api/worker_threads.html)). The vulnerability can result in Shescape escaping (or quoting) for the wrong shell, thus allowing attackers to bypass protections depending on the combination of expected and used shell.\n\nThis snippet demonstrates a vulnerable use of Shescape:\n\n```javascript\n// vulnerable.js\n\nimport { exec } from \"node:child_process\";\nimport { Worker, isMainThread } from \u0027node:worker_threads\u0027;\n\nimport * as shescape from \"shescape\";\n\nif (isMainThread) {\n  // 1. Something like a worker thread must be used. The reason being that they\n  // unexpectedly change environment variable names on Windows.\n  new Worker(\"./vulnerable.js\");\n} else {\n  // 2. Example configuration that\u0027s problematic. In this setup example the\n  // expected default system shell is CMD. We configure the use of PowerShell.\n  // Shescape will fail to look up PowerShell and default to escaping for CMD\n  // instead, resulting in the vulnerability.\n  const options = {\n    shell: \"powershell\",\n    interpolation: true,\n  };\n\n  // 3. Using shescape to protect against attacks, this is correct.\n  const escaped = shescape.escape(\"\u0026\u0026 ls\", options);\n\n  // 4. Invoking a command with the escaped user input, this is vulnerable in\n  // this case.\n  exec(`echo Hello ${escaped}`, options, (error, stdout) =\u003e {\n    if (error) {\n      console.error(`An error occurred: ${error}`);\n    } else {\n      console.log(stdout);\n    }\n  });\n}\n```\n\n### Patches\n\nThis bug has been patched in [v1.7.4](https://github.com/ericcornelissen/shescape/releases/tag/v1.7.4) which you can upgrade to now. No further changes are required.\n\n### Workarounds\n\nIf you are impacted there is no workaround possible.\n\n### References\n\n- Shescape Pull Request [#1142](https://github.com/ericcornelissen/shescape/pull/1142)\n- Shescape commit [`0b976da`](https://github.com/ericcornelissen/shescape/commit/0b976dab645abf45ffd85e74a8c6e51ee2f42d63)\n- Shescape release [v1.7.4](https://github.com/ericcornelissen/shescape/releases/tag/v1.7.4)\n\n### For more information\n\n- Comment on Pull Request [#1142](https://github.com/ericcornelissen/shescape/pull/1142)\n- Comment on commit [`0b976da`](https://github.com/ericcornelissen/shescape/commit/0b976dab645abf45ffd85e74a8c6e51ee2f42d63)\n- Open an issue at [https://github.com/ericcornelissen/shescape/issues](https://github.com/ericcornelissen/shescape/issues?q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc) (New issue \u003e Question \u003e Get started)",
  "id": "GHSA-j55r-787p-m549",
  "modified": "2023-09-01T19:46:34Z",
  "published": "2023-08-22T18:00:04Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/ericcornelissen/shescape/security/advisories/GHSA-j55r-787p-m549"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40185"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ericcornelissen/shescape/pull/1142"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ericcornelissen/shescape/commit/0b976dab645abf45ffd85e74a8c6e51ee2f42d63"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ericcornelissen/shescape"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ericcornelissen/shescape/releases/tag/v1.7.4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Shescape on Windows escaping may be bypassed in threaded context"
}

GHSA-JCMG-8GRX-M8J6

Vulnerability from github – Published: 2022-05-24 17:40 – Updated: 2024-03-21 03:33
VLAI
Details

** UNSUPPORTED WHEN ASSIGNED ** The administration web interface on Belkin Linksys WRT160NL 1.0.04.002_US_20130619 devices allows remote authenticated attackers to execute system commands with root privileges via shell metacharacters in the ui_language POST parameter to the apply.cgi form endpoint. This occurs in do_upgrade_post in mini_httpd. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-25310"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-150",
      "CWE-78"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-02-02T15:15:00Z",
    "severity": "HIGH"
  },
  "details": "** UNSUPPORTED WHEN ASSIGNED ** The administration web interface on Belkin Linksys WRT160NL 1.0.04.002_US_20130619 devices allows remote authenticated attackers to execute system commands with root privileges via shell metacharacters in the ui_language POST parameter to the apply.cgi form endpoint. This occurs in do_upgrade_post in mini_httpd. NOTE: This vulnerability only affects products that are no longer supported by the maintainer",
  "id": "GHSA-jcmg-8grx-m8j6",
  "modified": "2024-03-21T03:33:58Z",
  "published": "2022-05-24T17:40:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25310"
    },
    {
      "type": "WEB",
      "url": "https://research.nccgroup.com/2021/01/28/technical-advisory-linksys-wrt160nl-authenticated-command-injection-cve-2021-25310"
    },
    {
      "type": "WEB",
      "url": "https://research.nccgroup.com/?research=Technical%20advisories"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JMP2-WC4P-WFH2

Vulnerability from github – Published: 2023-05-05 02:25 – Updated: 2023-05-05 02:25
VLAI
Summary
Mutagen list and monitor operations do not neutralize control characters in text controlled by remote endpoints
Details

Impact

Mutagen command line operations, as well as the log output from mutagen daemon run, are susceptible to control characters that could be provided by remote endpoints. This can cause terminal corruption, either intentional or unintentional, if these characters are present in error messages, file paths/names, and/or log output. This could be used as an attack vector if synchronizing with an untrusted remote endpoint, synchronizing files not under control of the user, or forwarding to/from an untrusted remote endpoint. On very old systems with terminals susceptible to issues such as CVE-2003-0069, the issue could theoretically cause code execution.

Patches

The problem has been patched in Mutagen v0.16.6 and v0.17.1. Earlier versions of Mutagen are no longer supported and will not be patched. Versions of Mutagen after v0.18.0 will also have the patch merged.

One caveat is that the templating functionality of Mutagen's list and monitor commands has been only partially patched. In particular, the json template function already provided escaping and no patching was necessary. However, raw template output has been left unescaped because this raw output may be necessary for commands which embed Mutagen. To aid these commands, a new shellSanitize template function has been added which provides control character neutralization in strings.

Workarounds

Avoiding synchronization of untrusted files or interaction with untrusted remote endpoints should mitigate any risk.

References

A similar issue can be seen in kubernetes/kubernetes#101695.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/mutagen-io/mutagen"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.16.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/mutagen-io/mutagen-compose"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.17.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/mutagen-io/mutagen"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.17.0"
            },
            {
              "fixed": "0.17.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-30844"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-116",
      "CWE-150"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-05-05T02:25:00Z",
    "nvd_published_at": "2023-05-08T18:15:14Z",
    "severity": "LOW"
  },
  "details": "### Impact\n\nMutagen command line operations, as well as the log output from `mutagen daemon run`, are susceptible to control characters that could be provided by remote endpoints.  This can cause terminal corruption, either intentional or unintentional, if these characters are present in error messages, file paths/names, and/or log output.  This could be used as an attack vector if synchronizing with an untrusted remote endpoint, synchronizing files not under control of the user, or forwarding to/from an untrusted remote endpoint.  On very old systems with terminals susceptible to issues such as [CVE-2003-0069](https://nvd.nist.gov/vuln/detail/CVE-2003-0069), the issue could theoretically cause code execution.\n\n\n### Patches\n\nThe problem has been patched in Mutagen v0.16.6 and v0.17.1.  Earlier versions of Mutagen are no longer supported and will not be patched.  Versions of Mutagen after v0.18.0 will also have the patch merged.\n\nOne caveat is that the templating functionality of Mutagen\u0027s `list` and `monitor` commands has been only partially patched.  In particular, the `json` template function already provided escaping and no patching was necessary.  However, raw template output has been left unescaped because this raw output may be necessary for commands which embed Mutagen.  To aid these commands, a new `shellSanitize` template function has been added which provides control character neutralization in strings.\n\n\n### Workarounds\n\nAvoiding synchronization of untrusted files or interaction with untrusted remote endpoints should mitigate any risk.\n\n\n### References\n\nA similar issue can be seen in kubernetes/kubernetes#101695.\n",
  "id": "GHSA-jmp2-wc4p-wfh2",
  "modified": "2023-05-05T02:25:00Z",
  "published": "2023-05-05T02:25:00Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/mutagen-io/mutagen/security/advisories/GHSA-jmp2-wc4p-wfh2"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30844"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/mutagen-io/mutagen"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mutagen-io/mutagen/releases/tag/v0.16.6"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mutagen-io/mutagen/releases/tag/v0.17.1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Mutagen list and monitor operations do not neutralize control characters in text controlled by remote endpoints"
}

GHSA-M4PQ-FV2W-6HRW

Vulnerability from github – Published: 2024-03-05 20:54 – Updated: 2024-06-10 12:32
VLAI
Summary
Deno's deno_runtime vulnerable to interactive permission prompt spoofing via improper ANSI stripping
Details

Summary

A maliciously crafted permission request can show the spoofed permission prompt by inserting a broken ANSI escape sequence into the request contents.

Details

In the patch for CVE-2023-28446, Deno is stripping any ANSI escape sequences from the permission prompt, but permissions given to the program are based on the contents that contain the ANSI escape sequences.

For example, requesting the read permission with /tmp/hello\u001b[/../../etc/hosts as a path will display the /tmp/hellotc/hosts in the permission prompt, but the actual permission given to the program is /tmp/hello\u001b[/../../etc/hosts, which is /etc/hosts after the normalization.

This difference allows a malicious Deno program to spoof the contents of the permission prompt.

PoC

Run the following JavaScript and observe that /tmp/hellotc/hosts is displayed in the permission prompt instead of /etc/hosts, although Deno gives access to /etc/hosts.

const permission = { name: "read", path: "/tmp/hello\u001b[/../../etc/hosts" };
await Deno.permissions.request(permission);
console.log(await Deno.readTextFile("/etc/hosts"));

Expected prompt

┌ ⚠️  Deno requests read access to "/etc/hosts".
├ Requested by `Deno.permissions.query()` API
├ Run again with --allow-read to bypass this prompt.
└ Allow? [y/n/A] (y = yes, allow; n = no, deny; A = allow all read permissions) >

Actual prompt

┌ ⚠️  Deno requests read access to "/tmp/hellotc/hosts".
├ Requested by `Deno.permissions.query()` API
├ Run again with --allow-read to bypass this prompt.
└ Allow? [y/n/A] (y = yes, allow; n = no, deny; A = allow all read permissions) >

Impact

Any Deno program can spoof the content of the interactive permission prompt by inserting a broken ANSI code, which allows a malicious Deno program to display the wrong file path or program name to the user.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "deno"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.32.1"
            },
            {
              "fixed": "1.41.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "deno_runtime"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.103.0"
            },
            {
              "fixed": "0.147.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-27936"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-150"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-03-05T20:54:14Z",
    "nvd_published_at": "2024-03-21T02:52:22Z",
    "severity": "HIGH"
  },
  "details": "### Summary\nA maliciously crafted permission request can show the spoofed permission prompt by inserting a broken ANSI escape sequence into the request contents.\n\n### Details\nIn [the patch for CVE-2023-28446](https://github.com/denoland/deno/commit/78d430103a8f6931154ddbbe19d36f3b8630286d), Deno is stripping any ANSI escape sequences from the permission prompt, but permissions given to the program are based on the contents that contain the ANSI escape sequences.\n\nFor example, requesting the read permission with `/tmp/hello\\u001b[/../../etc/hosts` as a path will display the `/tmp/hellotc/hosts` in the permission prompt, but the actual permission given to the program is `/tmp/hello\\u001b[/../../etc/hosts`, which is `/etc/hosts` after the normalization.\n\nThis difference allows a malicious Deno program to spoof the contents of the permission prompt.\n\n\n### PoC\nRun the following JavaScript and observe that `/tmp/hellotc/hosts` is displayed in the permission prompt instead of `/etc/hosts`, although Deno gives access to `/etc/hosts`.\n``` javascript\nconst permission = { name: \"read\", path: \"/tmp/hello\\u001b[/../../etc/hosts\" };\nawait Deno.permissions.request(permission);\nconsole.log(await Deno.readTextFile(\"/etc/hosts\"));\n```\n\n#### Expected prompt\n```\n\u250c \u26a0\ufe0f  Deno requests read access to \"/etc/hosts\".\n\u251c Requested by `Deno.permissions.query()` API\n\u251c Run again with --allow-read to bypass this prompt.\n\u2514 Allow? [y/n/A] (y = yes, allow; n = no, deny; A = allow all read permissions) \u003e\n```\n\n#### Actual prompt\n```\n\u250c \u26a0\ufe0f  Deno requests read access to \"/tmp/hellotc/hosts\".\n\u251c Requested by `Deno.permissions.query()` API\n\u251c Run again with --allow-read to bypass this prompt.\n\u2514 Allow? [y/n/A] (y = yes, allow; n = no, deny; A = allow all read permissions) \u003e\n\n```\n\n### Impact\nAny Deno program can spoof the content of the interactive permission prompt by inserting a broken ANSI code, which allows a malicious Deno program to display the wrong file path or program name to the user.",
  "id": "GHSA-m4pq-fv2w-6hrw",
  "modified": "2024-06-10T12:32:57Z",
  "published": "2024-03-05T20:54:14Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/denoland/deno/security/advisories/GHSA-m4pq-fv2w-6hrw"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27936"
    },
    {
      "type": "WEB",
      "url": "https://github.com/denoland/deno/commit/78d430103a8f6931154ddbbe19d36f3b8630286d"
    },
    {
      "type": "WEB",
      "url": "https://github.com/denoland/deno/commit/7e6b94231290020b55f1d08fb03ea8132781abc5"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/denoland/deno"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Deno\u0027s deno_runtime vulnerable to interactive permission prompt spoofing via improper ANSI stripping"
}

Mitigation

Developers should anticipate that escape, meta and control characters/sequences will be injected/removed/manipulated in the input vectors of their product. Use an appropriate combination of denylists and allowlists to ensure only valid, expected and appropriate input is processed by the system.

Mitigation MIT-5
Implementation

Strategy: Input Validation

  • Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
  • When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
  • Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
Mitigation MIT-28
Implementation

Strategy: Output Encoding

While it is risky to use dynamically-generated query strings, code, or commands that mix control and data together, sometimes it may be unavoidable. Properly quote arguments and escape any special characters within those arguments. The most conservative approach is to escape or filter all characters that do not pass an extremely strict allowlist (such as everything that is not alphanumeric or white space). If some special characters are still needed, such as white space, wrap each argument in quotes after the escaping/filtering step. Be careful of argument injection (CWE-88).

Mitigation MIT-20
Implementation

Strategy: Input Validation

Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.

Mitigation
Implementation

When using output from an LLM, neutralize or strip escape codes before redirecting output to the terminal or other rendering engine that would process the codes. The neutralization could require that the character be printable and/or allowable whitespace, such as a carriage return or newline. Be deliberate about what to allow.

Mitigation
Build and Compilation

When using an LLM: during tokenizer training, suppress escape codes from the tokenizer's vocabulary. Depending on context, this could be accomplished by removing the codes from input to the tokenizer, or removing the map from the string to its token ID. It is generally unlikely that this removal would adversely affect the quality or correctness of what is generated, e.g. advice requests for terminal settings to change colors.

CAPEC-134: Email Injection

An adversary manipulates the headers and content of an email message by injecting data via the use of delimiter characters native to the protocol.

CAPEC-41: Using Meta-characters in E-mail Headers to Inject Malicious Payloads

This type of attack involves an attacker leveraging meta-characters in email headers to inject improper behavior into email programs. Email software has become increasingly sophisticated and feature-rich. In addition, email applications are ubiquitous and connected directly to the Web making them ideal targets to launch and propagate attacks. As the user demand for new functionality in email applications grows, they become more like browsers with complex rendering and plug in routines. As more email functionality is included and abstracted from the user, this creates opportunities for attackers. Virtually all email applications do not list email header information by default, however the email header contains valuable attacker vectors for the attacker to exploit particularly if the behavior of the email client application is known. Meta-characters are hidden from the user, but can contain scripts, enumerations, probes, and other attacks against the user's system.

CAPEC-81: Web Server Logs Tampering

Web Logs Tampering attacks involve an attacker injecting, deleting or otherwise tampering with the contents of web logs typically for the purposes of masking other malicious behavior. Additionally, writing malicious data to log files may target jobs, filters, reports, and other agents that process the logs in an asynchronous attack pattern. This pattern of attack is similar to "Log Injection-Tampering-Forging" except that in this case, the attack is targeting the logs of the web server and not the application.

CAPEC-93: Log Injection-Tampering-Forging

This attack targets the log files of the target host. The attacker injects, manipulates or forges malicious log entries in the log file, allowing them to mislead a log audit, cover traces of attack, or perform other malicious actions. The target host is not properly controlling log access. As a result tainted data is resulting in the log files leading to a failure in accountability, non-repudiation and incident forensics capability.