Findings for Container Security, Low, [TheRedHatter/javagoof:exploits/tomcat-rce/Dockerfile]:Inappropriate Encoding for Output Context
Created by: armorcodegithubpreprod[bot]
Findings for Container Security, Low, [TheRedHatter/javagoof:exploits/tomcat-rce/Dockerfile]:Inappropriate Encoding for Output Context
Component Details
- Exploit Maturity: mature
- Vulnerable Package: -
- Current Version: -
- Vulnerable Version(s): >*
- Vulnerable Path: >null
NVD Description
Note:
Versions mentioned in the description apply to the upstream openssh
package.
In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.
References
- Debian Security Tracker
- Exploit DB
- Gentoo Security Advisory
- MISC
- MISC
- MISC
- Netapp Security Advisory
- Ubuntu CVE Tracker
Origin : null Type : null Image Id : null
Snyk Project Status: Active