CWE-150
AllowedImproper Neutralization of Escape, Meta, or Control Sequences
Abstraction: Variant · Status: Incomplete
The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as escape, meta, or control character sequences when they are sent to a downstream component.
115 vulnerabilities reference this CWE, most recent first.
GHSA-FF77-26X5-69CR
Vulnerability from github – Published: 2025-04-28 21:30 – Updated: 2025-11-03 22:56Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely rewrite rule configurations, it was possible for a specially crafted request to bypass some rewrite rules. If those rewrite rules effectively enforced security constraints, those constraints could be bypassed.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.5, from 10.1.0-M1 through 10.1.39, from 9.0.0.M1 through 9.0.102. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected.
Users are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6, which fix the issue.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 9.0.102"
},
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat-catalina"
},
"ranges": [
{
"events": [
{
"introduced": "9.0.76"
},
{
"fixed": "9.0.104"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat-catalina"
},
"ranges": [
{
"events": [
{
"introduced": "10.1.10"
},
{
"fixed": "10.1.40"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat-catalina"
},
"ranges": [
{
"events": [
{
"introduced": "11.0.0-M2"
},
{
"fixed": "11.0.6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 9.0.102"
},
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat.embed:tomcat-embed-core"
},
"ranges": [
{
"events": [
{
"introduced": "9.0.76"
},
{
"fixed": "9.0.104"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat.embed:tomcat-embed-core"
},
"ranges": [
{
"events": [
{
"introduced": "10.1.10"
},
{
"fixed": "10.1.40"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat.embed:tomcat-embed-core"
},
"ranges": [
{
"events": [
{
"introduced": "11.0.0-M2"
},
{
"fixed": "11.0.6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat-catalina"
},
"ranges": [
{
"events": [
{
"introduced": "8.5.0"
},
{
"last_affected": "8.5.100"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat.embed:tomcat-embed-core"
},
"ranges": [
{
"events": [
{
"introduced": "8.5.0"
},
{
"last_affected": "8.5.100"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-31651"
],
"database_specific": {
"cwe_ids": [
"CWE-116",
"CWE-150"
],
"github_reviewed": true,
"github_reviewed_at": "2025-04-29T15:03:25Z",
"nvd_published_at": "2025-04-28T20:15:20Z",
"severity": "LOW"
},
"details": "Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat.\u00a0For a subset of unlikely rewrite rule configurations, it was possible for a specially crafted request to bypass some rewrite rules. If those rewrite rules effectively enforced security constraints, those constraints could be bypassed.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.5, from 10.1.0-M1 through 10.1.39, from 9.0.0.M1 through 9.0.102. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected.\n\nUsers are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6, which fix the issue.",
"id": "GHSA-ff77-26x5-69cr",
"modified": "2025-11-03T22:56:57Z",
"published": "2025-04-28T21:30:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-31651"
},
{
"type": "WEB",
"url": "https://github.com/apache/tomcat/commit/066bf6b6a15a4e7e0941d4acf096841165b97098"
},
{
"type": "WEB",
"url": "https://github.com/apache/tomcat/commit/175dc75fc428930034a6c93fb52f830d955d8e64"
},
{
"type": "WEB",
"url": "https://github.com/apache/tomcat/commit/ee3ab548e92345eca0cbd1f01649eb36c6f29454"
},
{
"type": "WEB",
"url": "https://github.com/apache/tomcat/commit/fbecc915a10c5a3d634c5e2c6ced4ff479ce9953"
},
{
"type": "PACKAGE",
"url": "https://github.com/apache/tomcat"
},
{
"type": "WEB",
"url": "https://lists.apache.org/list.html?announce@tomcat.apache.org"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html"
},
{
"type": "WEB",
"url": "https://tomcat.apache.org/security-10.html"
},
{
"type": "WEB",
"url": "https://tomcat.apache.org/security-11.html"
},
{
"type": "WEB",
"url": "https://tomcat.apache.org/security-9.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2025/04/28/3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U",
"type": "CVSS_V4"
}
],
"summary": "Apache Tomcat Rewrite rule bypass"
}
GHSA-FV2R-R8MP-PG48
Vulnerability from github – Published: 2025-11-06 23:48 – Updated: 2025-11-17 21:49Impact
In several places where the user can insert data (e.g. names), ANSI escape sequences are not being removed, which can then be used, for example, to show fake alerts.
In the same token, git messages, when printed, are also not being sanitized.
Places in which this was found:
- Repository Description (pkg/backend/repo.go - SetDescription)
- Repository Project Name (pkg/backend/repo.go - SetProjectName)
- Git Commit Author Names (pkg/ssh/cmd/commit.go:69)
- Git Commit Messages (pkg/ssh/cmd/commit.go:71)
- Access Token Names (pkg/ssh/cmd/token.go:107)
- Webhook URLs (pkg/ssh/cmd/webhooks.go:72)
Patches
v0.11.0
Workarounds
No.
References
n/a
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.10.0"
},
"package": {
"ecosystem": "Go",
"name": "github.com/charmbracelet/soft-serve"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.11.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-64494"
],
"database_specific": {
"cwe_ids": [
"CWE-150"
],
"github_reviewed": true,
"github_reviewed_at": "2025-11-06T23:48:12Z",
"nvd_published_at": "2025-11-08T02:15:35Z",
"severity": "MODERATE"
},
"details": "### Impact\nIn several places where the user can insert data (e.g. names), ANSI escape sequences are not being removed, which can then be used, for example, to show fake alerts.\n\nIn the same token, git messages, when printed, are also not being sanitized.\n\nPlaces in which this was found:\n\n1. Repository Description (pkg/backend/repo.go - SetDescription)\n2. Repository Project Name (pkg/backend/repo.go - SetProjectName)\n3. Git Commit Author Names (pkg/ssh/cmd/commit.go:69)\n4. Git Commit Messages (pkg/ssh/cmd/commit.go:71)\n5. Access Token Names (pkg/ssh/cmd/token.go:107)\n6. Webhook URLs (pkg/ssh/cmd/webhooks.go:72)\n\n### Patches\nv0.11.0\n\n### Workarounds\nNo.\n\n### References\nn/a",
"id": "GHSA-fv2r-r8mp-pg48",
"modified": "2025-11-17T21:49:09Z",
"published": "2025-11-06T23:48:12Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-fv2r-r8mp-pg48"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64494"
},
{
"type": "WEB",
"url": "https://github.com/charmbracelet/soft-serve/commit/d9639320b8d0ccd76fe6836a042c042b0ebde549"
},
{
"type": "PACKAGE",
"url": "https://github.com/charmbracelet/soft-serve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Soft Serve does not sanitize ANSI escape sequences in user input"
}
GHSA-GMJ6-6F8F-6699
Vulnerability from github – Published: 2024-12-23 17:54 – Updated: 2025-01-08 16:06A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used.
To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.1.4"
},
"package": {
"ecosystem": "PyPI",
"name": "jinja2"
},
"ranges": [
{
"events": [
{
"introduced": "3.0.0"
},
{
"fixed": "3.1.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-56201"
],
"database_specific": {
"cwe_ids": [
"CWE-150"
],
"github_reviewed": true,
"github_reviewed_at": "2024-12-23T17:54:12Z",
"nvd_published_at": "2024-12-23T16:15:07Z",
"severity": "MODERATE"
},
"details": "A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja\u0027s sandbox is used.\n\nTo exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename.",
"id": "GHSA-gmj6-6f8f-6699",
"modified": "2025-01-08T16:06:01Z",
"published": "2024-12-23T17:54:12Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56201"
},
{
"type": "WEB",
"url": "https://github.com/pallets/jinja/issues/1792"
},
{
"type": "WEB",
"url": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f"
},
{
"type": "PACKAGE",
"url": "https://github.com/pallets/jinja"
},
{
"type": "WEB",
"url": "https://github.com/pallets/jinja/releases/tag/3.1.5"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Jinja has a sandbox breakout through malicious filenames"
}
GHSA-GP37-M2C5-J775
Vulnerability from github – Published: 2024-05-21 18:31 – Updated: 2024-08-20 18:31RARLAB WinRAR before 7.00, on Windows, allows attackers to spoof the screen output via ANSI escape sequences, a different issue than CVE-2024-33899.
{
"affected": [],
"aliases": [
"CVE-2024-36052"
],
"database_specific": {
"cwe_ids": [
"CWE-150"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-21T17:15:09Z",
"severity": "HIGH"
},
"details": "RARLAB WinRAR before 7.00, on Windows, allows attackers to spoof the screen output via ANSI escape sequences, a different issue than CVE-2024-33899.",
"id": "GHSA-gp37-m2c5-j775",
"modified": "2024-08-20T18:31:14Z",
"published": "2024-05-21T18:31:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36052"
},
{
"type": "WEB",
"url": "https://sdushantha.medium.com/ansi-escape-injection-vulnerability-in-winrar-a2cbfac4b983"
},
{
"type": "WEB",
"url": "https://www.rarlab.com/rarnew.htm"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-GRQV-QMHW-8PWC
Vulnerability from github – Published: 2026-04-14 18:30 – Updated: 2026-04-14 18:30Improper neutralization of escape, meta, or control sequences in Microsoft Power Apps allows an authorized attacker to bypass a security feature over a network.
{
"affected": [],
"aliases": [
"CVE-2026-26149"
],
"database_specific": {
"cwe_ids": [
"CWE-150"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-14T18:16:45Z",
"severity": "CRITICAL"
},
"details": "Improper neutralization of escape, meta, or control sequences in Microsoft Power Apps allows an authorized attacker to bypass a security feature over a network.",
"id": "GHSA-grqv-qmhw-8pwc",
"modified": "2026-04-14T18:30:37Z",
"published": "2026-04-14T18:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26149"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26149"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HJ44-M5XV-X75Q
Vulnerability from github – Published: 2026-04-16 03:31 – Updated: 2026-04-17 18:31MuPDF mutool does not sanitize PDF metadata fields before writing them to terminal output, allowing attackers to inject arbitrary ANSI escape sequences through crafted PDF metadata. Attackers can embed malicious ANSI escape codes in PDF metadata that are passed unsanitized to the terminal when running mutool info, enabling them to clear the terminal display and render arbitrary text for social engineering attacks such as presenting fake prompts or spoofed commands.
{
"affected": [],
"aliases": [
"CVE-2026-40505"
],
"database_specific": {
"cwe_ids": [
"CWE-150"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-16T02:16:11Z",
"severity": "MODERATE"
},
"details": "MuPDF mutool does not sanitize PDF metadata fields before writing them to terminal output, allowing attackers to inject arbitrary ANSI escape sequences through crafted PDF metadata. Attackers can embed malicious ANSI escape codes in PDF metadata that are passed unsanitized to the terminal when running mutool info, enabling them to clear the terminal display and render arbitrary text for social engineering attacks such as presenting fake prompts or spoofed commands.",
"id": "GHSA-hj44-m5xv-x75q",
"modified": "2026-04-17T18:31:50Z",
"published": "2026-04-16T03:31:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40505"
},
{
"type": "WEB",
"url": "https://github.com/ArtifexSoftware/mupdf/commit/0f17d789fe8c29b41e47663be82514aaca3a4dfb"
},
{
"type": "WEB",
"url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=0f17d789fe8c29b41e47663be82514aaca3a4dfb"
},
{
"type": "WEB",
"url": "https://github.com/ArtifexSoftware/mupdf/releases/tag/1.27.0"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/mupdf-mutool-ansi-injection-via-metadata"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-J55R-787P-M549
Vulnerability from github – Published: 2023-08-22 18:00 – Updated: 2023-09-01 19:46Impact
This may impact users that use Shescape on Windows in a threaded context (e.g. using Worker threads). The vulnerability can result in Shescape escaping (or quoting) for the wrong shell, thus allowing attackers to bypass protections depending on the combination of expected and used shell.
This snippet demonstrates a vulnerable use of Shescape:
// vulnerable.js
import { exec } from "node:child_process";
import { Worker, isMainThread } from 'node:worker_threads';
import * as shescape from "shescape";
if (isMainThread) {
// 1. Something like a worker thread must be used. The reason being that they
// unexpectedly change environment variable names on Windows.
new Worker("./vulnerable.js");
} else {
// 2. Example configuration that's problematic. In this setup example the
// expected default system shell is CMD. We configure the use of PowerShell.
// Shescape will fail to look up PowerShell and default to escaping for CMD
// instead, resulting in the vulnerability.
const options = {
shell: "powershell",
interpolation: true,
};
// 3. Using shescape to protect against attacks, this is correct.
const escaped = shescape.escape("&& ls", options);
// 4. Invoking a command with the escaped user input, this is vulnerable in
// this case.
exec(`echo Hello ${escaped}`, options, (error, stdout) => {
if (error) {
console.error(`An error occurred: ${error}`);
} else {
console.log(stdout);
}
});
}
Patches
This bug has been patched in v1.7.4 which you can upgrade to now. No further changes are required.
Workarounds
If you are impacted there is no workaround possible.
References
For more information
- Comment on Pull Request #1142
- Comment on commit
0b976da - Open an issue at https://github.com/ericcornelissen/shescape/issues (New issue > Question > Get started)
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "shescape"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.7.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-40185"
],
"database_specific": {
"cwe_ids": [
"CWE-150"
],
"github_reviewed": true,
"github_reviewed_at": "2023-08-22T18:00:04Z",
"nvd_published_at": "2023-08-23T21:15:09Z",
"severity": "HIGH"
},
"details": "### Impact\n\nThis may impact users that use Shescape on Windows in a threaded context (e.g. using [Worker threads](https://nodejs.org/api/worker_threads.html)). The vulnerability can result in Shescape escaping (or quoting) for the wrong shell, thus allowing attackers to bypass protections depending on the combination of expected and used shell.\n\nThis snippet demonstrates a vulnerable use of Shescape:\n\n```javascript\n// vulnerable.js\n\nimport { exec } from \"node:child_process\";\nimport { Worker, isMainThread } from \u0027node:worker_threads\u0027;\n\nimport * as shescape from \"shescape\";\n\nif (isMainThread) {\n // 1. Something like a worker thread must be used. The reason being that they\n // unexpectedly change environment variable names on Windows.\n new Worker(\"./vulnerable.js\");\n} else {\n // 2. Example configuration that\u0027s problematic. In this setup example the\n // expected default system shell is CMD. We configure the use of PowerShell.\n // Shescape will fail to look up PowerShell and default to escaping for CMD\n // instead, resulting in the vulnerability.\n const options = {\n shell: \"powershell\",\n interpolation: true,\n };\n\n // 3. Using shescape to protect against attacks, this is correct.\n const escaped = shescape.escape(\"\u0026\u0026 ls\", options);\n\n // 4. Invoking a command with the escaped user input, this is vulnerable in\n // this case.\n exec(`echo Hello ${escaped}`, options, (error, stdout) =\u003e {\n if (error) {\n console.error(`An error occurred: ${error}`);\n } else {\n console.log(stdout);\n }\n });\n}\n```\n\n### Patches\n\nThis bug has been patched in [v1.7.4](https://github.com/ericcornelissen/shescape/releases/tag/v1.7.4) which you can upgrade to now. No further changes are required.\n\n### Workarounds\n\nIf you are impacted there is no workaround possible.\n\n### References\n\n- Shescape Pull Request [#1142](https://github.com/ericcornelissen/shescape/pull/1142)\n- Shescape commit [`0b976da`](https://github.com/ericcornelissen/shescape/commit/0b976dab645abf45ffd85e74a8c6e51ee2f42d63)\n- Shescape release [v1.7.4](https://github.com/ericcornelissen/shescape/releases/tag/v1.7.4)\n\n### For more information\n\n- Comment on Pull Request [#1142](https://github.com/ericcornelissen/shescape/pull/1142)\n- Comment on commit [`0b976da`](https://github.com/ericcornelissen/shescape/commit/0b976dab645abf45ffd85e74a8c6e51ee2f42d63)\n- Open an issue at [https://github.com/ericcornelissen/shescape/issues](https://github.com/ericcornelissen/shescape/issues?q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc) (New issue \u003e Question \u003e Get started)",
"id": "GHSA-j55r-787p-m549",
"modified": "2023-09-01T19:46:34Z",
"published": "2023-08-22T18:00:04Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/ericcornelissen/shescape/security/advisories/GHSA-j55r-787p-m549"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40185"
},
{
"type": "WEB",
"url": "https://github.com/ericcornelissen/shescape/pull/1142"
},
{
"type": "WEB",
"url": "https://github.com/ericcornelissen/shescape/commit/0b976dab645abf45ffd85e74a8c6e51ee2f42d63"
},
{
"type": "PACKAGE",
"url": "https://github.com/ericcornelissen/shescape"
},
{
"type": "WEB",
"url": "https://github.com/ericcornelissen/shescape/releases/tag/v1.7.4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Shescape on Windows escaping may be bypassed in threaded context"
}
GHSA-JCMG-8GRX-M8J6
Vulnerability from github – Published: 2022-05-24 17:40 – Updated: 2024-03-21 03:33** UNSUPPORTED WHEN ASSIGNED ** The administration web interface on Belkin Linksys WRT160NL 1.0.04.002_US_20130619 devices allows remote authenticated attackers to execute system commands with root privileges via shell metacharacters in the ui_language POST parameter to the apply.cgi form endpoint. This occurs in do_upgrade_post in mini_httpd. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
{
"affected": [],
"aliases": [
"CVE-2021-25310"
],
"database_specific": {
"cwe_ids": [
"CWE-150",
"CWE-78"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-02-02T15:15:00Z",
"severity": "HIGH"
},
"details": "** UNSUPPORTED WHEN ASSIGNED ** The administration web interface on Belkin Linksys WRT160NL 1.0.04.002_US_20130619 devices allows remote authenticated attackers to execute system commands with root privileges via shell metacharacters in the ui_language POST parameter to the apply.cgi form endpoint. This occurs in do_upgrade_post in mini_httpd. NOTE: This vulnerability only affects products that are no longer supported by the maintainer",
"id": "GHSA-jcmg-8grx-m8j6",
"modified": "2024-03-21T03:33:58Z",
"published": "2022-05-24T17:40:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25310"
},
{
"type": "WEB",
"url": "https://research.nccgroup.com/2021/01/28/technical-advisory-linksys-wrt160nl-authenticated-command-injection-cve-2021-25310"
},
{
"type": "WEB",
"url": "https://research.nccgroup.com/?research=Technical%20advisories"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-JMP2-WC4P-WFH2
Vulnerability from github – Published: 2023-05-05 02:25 – Updated: 2023-05-05 02:25Impact
Mutagen command line operations, as well as the log output from mutagen daemon run, are susceptible to control characters that could be provided by remote endpoints. This can cause terminal corruption, either intentional or unintentional, if these characters are present in error messages, file paths/names, and/or log output. This could be used as an attack vector if synchronizing with an untrusted remote endpoint, synchronizing files not under control of the user, or forwarding to/from an untrusted remote endpoint. On very old systems with terminals susceptible to issues such as CVE-2003-0069, the issue could theoretically cause code execution.
Patches
The problem has been patched in Mutagen v0.16.6 and v0.17.1. Earlier versions of Mutagen are no longer supported and will not be patched. Versions of Mutagen after v0.18.0 will also have the patch merged.
One caveat is that the templating functionality of Mutagen's list and monitor commands has been only partially patched. In particular, the json template function already provided escaping and no patching was necessary. However, raw template output has been left unescaped because this raw output may be necessary for commands which embed Mutagen. To aid these commands, a new shellSanitize template function has been added which provides control character neutralization in strings.
Workarounds
Avoiding synchronization of untrusted files or interaction with untrusted remote endpoints should mitigate any risk.
References
A similar issue can be seen in kubernetes/kubernetes#101695.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/mutagen-io/mutagen"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.16.6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/mutagen-io/mutagen-compose"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.17.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/mutagen-io/mutagen"
},
"ranges": [
{
"events": [
{
"introduced": "0.17.0"
},
{
"fixed": "0.17.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-30844"
],
"database_specific": {
"cwe_ids": [
"CWE-116",
"CWE-150"
],
"github_reviewed": true,
"github_reviewed_at": "2023-05-05T02:25:00Z",
"nvd_published_at": "2023-05-08T18:15:14Z",
"severity": "LOW"
},
"details": "### Impact\n\nMutagen command line operations, as well as the log output from `mutagen daemon run`, are susceptible to control characters that could be provided by remote endpoints. This can cause terminal corruption, either intentional or unintentional, if these characters are present in error messages, file paths/names, and/or log output. This could be used as an attack vector if synchronizing with an untrusted remote endpoint, synchronizing files not under control of the user, or forwarding to/from an untrusted remote endpoint. On very old systems with terminals susceptible to issues such as [CVE-2003-0069](https://nvd.nist.gov/vuln/detail/CVE-2003-0069), the issue could theoretically cause code execution.\n\n\n### Patches\n\nThe problem has been patched in Mutagen v0.16.6 and v0.17.1. Earlier versions of Mutagen are no longer supported and will not be patched. Versions of Mutagen after v0.18.0 will also have the patch merged.\n\nOne caveat is that the templating functionality of Mutagen\u0027s `list` and `monitor` commands has been only partially patched. In particular, the `json` template function already provided escaping and no patching was necessary. However, raw template output has been left unescaped because this raw output may be necessary for commands which embed Mutagen. To aid these commands, a new `shellSanitize` template function has been added which provides control character neutralization in strings.\n\n\n### Workarounds\n\nAvoiding synchronization of untrusted files or interaction with untrusted remote endpoints should mitigate any risk.\n\n\n### References\n\nA similar issue can be seen in kubernetes/kubernetes#101695.\n",
"id": "GHSA-jmp2-wc4p-wfh2",
"modified": "2023-05-05T02:25:00Z",
"published": "2023-05-05T02:25:00Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/mutagen-io/mutagen/security/advisories/GHSA-jmp2-wc4p-wfh2"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30844"
},
{
"type": "PACKAGE",
"url": "https://github.com/mutagen-io/mutagen"
},
{
"type": "WEB",
"url": "https://github.com/mutagen-io/mutagen/releases/tag/v0.16.6"
},
{
"type": "WEB",
"url": "https://github.com/mutagen-io/mutagen/releases/tag/v0.17.1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Mutagen list and monitor operations do not neutralize control characters in text controlled by remote endpoints"
}
GHSA-M4PQ-FV2W-6HRW
Vulnerability from github – Published: 2024-03-05 20:54 – Updated: 2024-06-10 12:32Summary
A maliciously crafted permission request can show the spoofed permission prompt by inserting a broken ANSI escape sequence into the request contents.
Details
In the patch for CVE-2023-28446, Deno is stripping any ANSI escape sequences from the permission prompt, but permissions given to the program are based on the contents that contain the ANSI escape sequences.
For example, requesting the read permission with /tmp/hello\u001b[/../../etc/hosts as a path will display the /tmp/hellotc/hosts in the permission prompt, but the actual permission given to the program is /tmp/hello\u001b[/../../etc/hosts, which is /etc/hosts after the normalization.
This difference allows a malicious Deno program to spoof the contents of the permission prompt.
PoC
Run the following JavaScript and observe that /tmp/hellotc/hosts is displayed in the permission prompt instead of /etc/hosts, although Deno gives access to /etc/hosts.
const permission = { name: "read", path: "/tmp/hello\u001b[/../../etc/hosts" };
await Deno.permissions.request(permission);
console.log(await Deno.readTextFile("/etc/hosts"));
Expected prompt
┌ ⚠️ Deno requests read access to "/etc/hosts".
├ Requested by `Deno.permissions.query()` API
├ Run again with --allow-read to bypass this prompt.
└ Allow? [y/n/A] (y = yes, allow; n = no, deny; A = allow all read permissions) >
Actual prompt
┌ ⚠️ Deno requests read access to "/tmp/hellotc/hosts".
├ Requested by `Deno.permissions.query()` API
├ Run again with --allow-read to bypass this prompt.
└ Allow? [y/n/A] (y = yes, allow; n = no, deny; A = allow all read permissions) >
Impact
Any Deno program can spoof the content of the interactive permission prompt by inserting a broken ANSI code, which allows a malicious Deno program to display the wrong file path or program name to the user.
{
"affected": [
{
"package": {
"ecosystem": "crates.io",
"name": "deno"
},
"ranges": [
{
"events": [
{
"introduced": "1.32.1"
},
{
"fixed": "1.41.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "deno_runtime"
},
"ranges": [
{
"events": [
{
"introduced": "0.103.0"
},
{
"fixed": "0.147.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-27936"
],
"database_specific": {
"cwe_ids": [
"CWE-150"
],
"github_reviewed": true,
"github_reviewed_at": "2024-03-05T20:54:14Z",
"nvd_published_at": "2024-03-21T02:52:22Z",
"severity": "HIGH"
},
"details": "### Summary\nA maliciously crafted permission request can show the spoofed permission prompt by inserting a broken ANSI escape sequence into the request contents.\n\n### Details\nIn [the patch for CVE-2023-28446](https://github.com/denoland/deno/commit/78d430103a8f6931154ddbbe19d36f3b8630286d), Deno is stripping any ANSI escape sequences from the permission prompt, but permissions given to the program are based on the contents that contain the ANSI escape sequences.\n\nFor example, requesting the read permission with `/tmp/hello\\u001b[/../../etc/hosts` as a path will display the `/tmp/hellotc/hosts` in the permission prompt, but the actual permission given to the program is `/tmp/hello\\u001b[/../../etc/hosts`, which is `/etc/hosts` after the normalization.\n\nThis difference allows a malicious Deno program to spoof the contents of the permission prompt.\n\n\n### PoC\nRun the following JavaScript and observe that `/tmp/hellotc/hosts` is displayed in the permission prompt instead of `/etc/hosts`, although Deno gives access to `/etc/hosts`.\n``` javascript\nconst permission = { name: \"read\", path: \"/tmp/hello\\u001b[/../../etc/hosts\" };\nawait Deno.permissions.request(permission);\nconsole.log(await Deno.readTextFile(\"/etc/hosts\"));\n```\n\n#### Expected prompt\n```\n\u250c \u26a0\ufe0f Deno requests read access to \"/etc/hosts\".\n\u251c Requested by `Deno.permissions.query()` API\n\u251c Run again with --allow-read to bypass this prompt.\n\u2514 Allow? [y/n/A] (y = yes, allow; n = no, deny; A = allow all read permissions) \u003e\n```\n\n#### Actual prompt\n```\n\u250c \u26a0\ufe0f Deno requests read access to \"/tmp/hellotc/hosts\".\n\u251c Requested by `Deno.permissions.query()` API\n\u251c Run again with --allow-read to bypass this prompt.\n\u2514 Allow? [y/n/A] (y = yes, allow; n = no, deny; A = allow all read permissions) \u003e\n\n```\n\n### Impact\nAny Deno program can spoof the content of the interactive permission prompt by inserting a broken ANSI code, which allows a malicious Deno program to display the wrong file path or program name to the user.",
"id": "GHSA-m4pq-fv2w-6hrw",
"modified": "2024-06-10T12:32:57Z",
"published": "2024-03-05T20:54:14Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/denoland/deno/security/advisories/GHSA-m4pq-fv2w-6hrw"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27936"
},
{
"type": "WEB",
"url": "https://github.com/denoland/deno/commit/78d430103a8f6931154ddbbe19d36f3b8630286d"
},
{
"type": "WEB",
"url": "https://github.com/denoland/deno/commit/7e6b94231290020b55f1d08fb03ea8132781abc5"
},
{
"type": "PACKAGE",
"url": "https://github.com/denoland/deno"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Deno\u0027s deno_runtime vulnerable to interactive permission prompt spoofing via improper ANSI stripping"
}
Mitigation
Developers should anticipate that escape, meta and control characters/sequences will be injected/removed/manipulated in the input vectors of their product. Use an appropriate combination of denylists and allowlists to ensure only valid, expected and appropriate input is processed by the system.
Mitigation MIT-5
Strategy: Input Validation
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
Mitigation MIT-28
Strategy: Output Encoding
While it is risky to use dynamically-generated query strings, code, or commands that mix control and data together, sometimes it may be unavoidable. Properly quote arguments and escape any special characters within those arguments. The most conservative approach is to escape or filter all characters that do not pass an extremely strict allowlist (such as everything that is not alphanumeric or white space). If some special characters are still needed, such as white space, wrap each argument in quotes after the escaping/filtering step. Be careful of argument injection (CWE-88).
Mitigation MIT-20
Strategy: Input Validation
Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.
Mitigation
When using output from an LLM, neutralize or strip escape codes before redirecting output to the terminal or other rendering engine that would process the codes. The neutralization could require that the character be printable and/or allowable whitespace, such as a carriage return or newline. Be deliberate about what to allow.
Mitigation
When using an LLM: during tokenizer training, suppress escape codes from the tokenizer's vocabulary. Depending on context, this could be accomplished by removing the codes from input to the tokenizer, or removing the map from the string to its token ID. It is generally unlikely that this removal would adversely affect the quality or correctness of what is generated, e.g. advice requests for terminal settings to change colors.
CAPEC-134: Email Injection
An adversary manipulates the headers and content of an email message by injecting data via the use of delimiter characters native to the protocol.
CAPEC-41: Using Meta-characters in E-mail Headers to Inject Malicious Payloads
This type of attack involves an attacker leveraging meta-characters in email headers to inject improper behavior into email programs. Email software has become increasingly sophisticated and feature-rich. In addition, email applications are ubiquitous and connected directly to the Web making them ideal targets to launch and propagate attacks. As the user demand for new functionality in email applications grows, they become more like browsers with complex rendering and plug in routines. As more email functionality is included and abstracted from the user, this creates opportunities for attackers. Virtually all email applications do not list email header information by default, however the email header contains valuable attacker vectors for the attacker to exploit particularly if the behavior of the email client application is known. Meta-characters are hidden from the user, but can contain scripts, enumerations, probes, and other attacks against the user's system.
CAPEC-81: Web Server Logs Tampering
Web Logs Tampering attacks involve an attacker injecting, deleting or otherwise tampering with the contents of web logs typically for the purposes of masking other malicious behavior. Additionally, writing malicious data to log files may target jobs, filters, reports, and other agents that process the logs in an asynchronous attack pattern. This pattern of attack is similar to "Log Injection-Tampering-Forging" except that in this case, the attack is targeting the logs of the web server and not the application.
CAPEC-93: Log Injection-Tampering-Forging
This attack targets the log files of the target host. The attacker injects, manipulates or forges malicious log entries in the log file, allowing them to mislead a log audit, cover traces of attack, or perform other malicious actions. The target host is not properly controlling log access. As a result tainted data is resulting in the log files leading to a failure in accountability, non-repudiation and incident forensics capability.