exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 44 RSS Feed

CVE-2021-42574

Status Candidate

Overview

** DISPUTED ** An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and interpreters. Adversaries can leverage this to encode source code for compilers accepting Unicode such that targeted vulnerabilities are introduced invisibly to human reviewers. NOTE: the Unicode Consortium offers the following alternative approach to presenting this concern. An issue is noted in the nature of international text that can affect applications that implement support for The Unicode Standard and the Unicode Bidirectional Algorithm (all versions). Due to text display behavior when text includes left-to-right and right-to-left characters, the visual order of tokens may be different from their logical order. Additionally, control characters needed to fully support the requirements of bidirectional text can further obfuscate the logical order of tokens. Unless mitigated, an adversary could craft source code such that the ordering of tokens perceived by human reviewers does not match what will be processed by a compiler/interpreter/etc. The Unicode Consortium has documented this class of vulnerability in its document, Unicode Technical Report #36, Unicode Security Considerations. The Unicode Consortium also provides guidance on mitigations for this class of issues in Unicode Technical Standard #39, Unicode Security Mechanisms, and in Unicode Standard Annex #31, Unicode Identifier and Pattern Syntax. Also, the BIDI specification allows applications to tailor the implementation in ways that can mitigate misleading visual reordering in program text; see HL4 in Unicode Standard Annex #9, Unicode Bidirectional Algorithm.

Related Files

Gentoo Linux Security Advisory 202210-09
Posted Oct 17, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-9 - Multiple vulnerabilities have been discovered in Rust, the worst of which could result in denial of service. Versions less than 1.63.0-r1 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2021-28875, CVE-2021-28876, CVE-2021-28877, CVE-2021-28878, CVE-2021-28879, CVE-2021-29922, CVE-2021-31162, CVE-2021-36317, CVE-2021-36318, CVE-2021-42574, CVE-2021-42694, CVE-2022-21658, CVE-2022-36113, CVE-2022-36114
SHA-256 | dca09c9b5b67deda3afc4870bdc944f1d4ebba1aeff4e66d52165c1fe960a28d
Red Hat Security Advisory 2022-0577-01
Posted Mar 28, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0577-01 - Windows Container Support for Red Hat OpenShift allows you to deploy Windows container workloads running on Windows Server containers.

tags | advisory
systems | linux, redhat, windows
advisories | CVE-2020-28851, CVE-2020-28852, CVE-2021-29923, CVE-2021-3121, CVE-2021-31525, CVE-2021-33195, CVE-2021-33197, CVE-2021-33198, CVE-2021-34558, CVE-2021-3521, CVE-2021-36221, CVE-2021-3712, CVE-2021-42574, CVE-2022-24407
SHA-256 | 46a08de5d03a31ae3c0835a6727df01e33108a18746235e493a42ff7c3841cd4
Red Hat Security Advisory 2022-0595-02
Posted Mar 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0595-02 - Red Hat Advanced Cluster Management for Kubernetes 2.3.6 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-25704, CVE-2020-36322, CVE-2021-20321, CVE-2021-23566, CVE-2021-3521, CVE-2021-3712, CVE-2021-3872, CVE-2021-3918, CVE-2021-3984, CVE-2021-4019, CVE-2021-4034, CVE-2021-4122, CVE-2021-4155, CVE-2021-4192, CVE-2021-4193, CVE-2021-42574, CVE-2021-42739, CVE-2021-43565, CVE-2022-0155, CVE-2022-0185, CVE-2022-20612, CVE-2022-20617
SHA-256 | 2598df9c773007328e30775692ba0a74b35fca2f6cdbd52f2b81faf7636ae67b
Red Hat Security Advisory 2022-0735-01
Posted Mar 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0735-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Issues addressed include denial of service, open redirection, privilege escalation, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-22963, CVE-2021-3521, CVE-2021-3712, CVE-2021-3807, CVE-2021-3872, CVE-2021-3918, CVE-2021-3984, CVE-2021-4019, CVE-2021-4034, CVE-2021-41089, CVE-2021-41091, CVE-2021-4122, CVE-2021-4155, CVE-2021-4192, CVE-2021-4193, CVE-2021-42574, CVE-2021-43565, CVE-2021-43816, CVE-2021-43858, CVE-2022-0185, CVE-2022-0235, CVE-2022-24407, CVE-2022-24450
SHA-256 | 0f428578537f68dfaf14cf427f755f1edf5314f8b08ecb6c1be275b4a8bd343e
Red Hat Security Advisory 2022-0431-06
Posted Feb 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0431-06 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes a bug fixes, security patches and new feature enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-29923, CVE-2021-3712, CVE-2021-42574
SHA-256 | 141890ea599d78e3dc568216578cb9ae701e774ab80404ed6c5b2fea5b1c6afc
Red Hat Security Advisory 2022-0191-03
Posted Jan 20, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0191-03 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.9.2 images.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-31525, CVE-2021-33195, CVE-2021-33197, CVE-2021-33198, CVE-2021-34558, CVE-2021-42574, CVE-2021-43527
SHA-256 | ff212f83b966f05194a3c89d8842a710d265243e5de79983a7c1b64df072bee3
Red Hat Security Advisory 2022-0047-03
Posted Jan 10, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0047-03 - Openshift Logging Bug Fix Release. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2021-20321, CVE-2021-3712, CVE-2021-42574, CVE-2021-45105
SHA-256 | 75732aa539f8c93b32f7bd1b2b848d4871ecbdfe2368bcf7c6c0ccae796ed3ea
Red Hat Security Advisory 2022-0044-06
Posted Jan 10, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0044-06 - OpenShift Logging Bug Fix Release. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-36327, CVE-2021-20321, CVE-2021-3712, CVE-2021-42574, CVE-2021-45105
SHA-256 | c565c4389f96bbb112673b62c18246178afcc0355fc11d803be3172c0bf9bd68
Red Hat Security Advisory 2022-0043-03
Posted Jan 10, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0043-03 - Openshift Logging Bug Fix Release. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2021-20321, CVE-2021-3712, CVE-2021-42574, CVE-2021-45105
SHA-256 | d079fae8eb6ceb0252d08a240487c22383dcf81abdfd564e1d20dca27bc428a5
Red Hat Security Advisory 2022-0042-03
Posted Jan 10, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0042-03 - Openshift Logging Bug Fix Release. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2021-20321, CVE-2021-3712, CVE-2021-42574, CVE-2021-45105
SHA-256 | cfa0dd01e2a218c20f34cb015fcdf1836f9175ef7da664dff678a0cd546ea25f
Red Hat Security Advisory 2022-0034-01
Posted Jan 6, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0034-01 - Red Hat Single Sign-On 7.5 container images for IBM P/Z, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This is a security update Red Hat Single Sign-On 7.5, and includes one security fix.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2021-3712, CVE-2021-4133, CVE-2021-42574
SHA-256 | 899c5aede2bdbf0a841dfc7a5c2c675d9f354dca8bba0d2ae94074c90690b3b4
Red Hat Security Advisory 2022-0015-01
Posted Jan 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0015-01 - Red Hat Single Sign-On 7.5 container images, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This is a security update Red Hat Single Sign-On 7.5, and includes one security fix.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2021-3712, CVE-2021-4133, CVE-2021-42574
SHA-256 | 0575dadfa587229dd808830d0bc7c86a64e5a167c637b0efbf58646786a84e63
Red Hat Security Advisory 2021-4743-03
Posted Nov 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4743-03 - LLVM Toolset provides the LLVM compiler infrastructure framework, the Clang compiler for the C and C++ languages, the LLDB debugger, and related tools for code analysis.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-42574
SHA-256 | cc2f2c61da319fd573e3a950f95a76aa25b7bd22cc9d81900456a9a34f9653ed
Red Hat Security Advisory 2021-4730-02
Posted Nov 18, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4730-02 - The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-42574
SHA-256 | f4f0ef49a0c10ad00a45b1f00454c4fbdf101526c0cfd20a5ceb40c53c15a743
Red Hat Security Advisory 2021-4729-02
Posted Nov 18, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4729-02 - Annobin provides a compiler plugin to annotate and tools to examine compiled binary files.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-42574
SHA-256 | 8f3fa2ddc46c9d37d60038ec202cddf871dbddf426fbd160c852323efe4a3975
Red Hat Security Advisory 2021-4724-03
Posted Nov 18, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4724-03 - Annobin provides a compiler plugin to annotate and tools to examine compiled binary files.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-42574
SHA-256 | 812135291785f3124c9e9447c23edd6f94d3651d233ea05dec299b4203bc1f3d
Red Hat Security Advisory 2021-4723-04
Posted Nov 18, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4723-04 - The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-42574
SHA-256 | 9ea2625367ea9090fdc782d35e26a24163a18f99c62535d65f0556038ccb5c68
Red Hat Security Advisory 2021-4694-01
Posted Nov 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4694-01 - Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-42574
SHA-256 | ca09c474f0e91e916347044487070614fd45a0877ca9ed6745c44852d1a17b65
Red Hat Security Advisory 2021-4649-01
Posted Nov 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4649-01 - The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-42574
SHA-256 | a58b05ca681624093a7330aa2f09cbeeebfce1623107979776837b8c50b68320
Red Hat Security Advisory 2021-4669-01
Posted Nov 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4669-01 - The GNU Compiler Collection is a portable compiler suite with support for various programming languages, including C, C++, and Fortran. The devtoolset-11-gcc packages provide the Red Hat Developer Toolset version of GCC, as well as related libraries.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-42574
SHA-256 | 459972c29cdbff9e3cc28bc5ad70954b396ed951f4223eccd73916aad00c4667
Red Hat Security Advisory 2021-4593-04
Posted Nov 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4593-04 - Annobin provides a compiler plugin to annotate and tools to examine compiled binary files.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-42574
SHA-256 | f368e0bd409da19d17cad8637fb14018bb40c0e3898954b45527f1a056f85d64
Red Hat Security Advisory 2021-4589-03
Posted Nov 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4589-03 - Annobin provides a compiler plugin to annotate and tools to examine compiled binary files.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-42574
SHA-256 | c2da39adbd4bb2a714987bd8e9f26772da5eb3ddf0a880f9d1c2d70199a428df
Red Hat Security Advisory 2021-4586-03
Posted Nov 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4586-03 - The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2021-42574
SHA-256 | b30206a21a3ebeac43ba09de8fd87c2f8e056fa2e633fe8611e6775a2e6449ca
Red Hat Security Advisory 2021-4585-03
Posted Nov 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4585-03 - The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2021-42574
SHA-256 | 9a4c6e3a05d5ae4c6671077ad3a63188b2272be1c50b40c72166ab172015c838
Red Hat Security Advisory 2021-4595-04
Posted Nov 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4595-04 - The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-42574
SHA-256 | a4b4fd0f40e633268fb238c60a0c3924489f941b1cd591205041aee026c394ac
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close