CVE-2023-34758: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
(updated )
Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) in github.com/bishopfox/sliver.
References
- github.com/BishopFox/sliver/blob/master/implant/sliver/cryptography/crypto.go
- github.com/BishopFox/sliver/blob/master/implant/sliver/cryptography/implant.go
- github.com/BishopFox/sliver/commit/2d1ea6192cac2ff9d6450b2d96043fdbf8561516
- github.com/BishopFox/sliver/releases/tag/v1.5.40
- github.com/BishopFox/sliver/security/advisories/GHSA-8jxm-xp43-qh3q
- github.com/advisories/GHSA-8jxm-xp43-qh3q
- github.com/tangent65536/Slivjacker
- nvd.nist.gov/vuln/detail/CVE-2023-35170
Detect and mitigate CVE-2023-34758 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →