LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 3.3	CVE-2026-35373	uutils coreutils ln Local Denial of Service via Improper Handling of Non-UTF-8 Filenames_CVE-2026-35373 A logic error in the ln utility of uutils coreutils causes the program to reject source paths containing non-UTF-8 filename bytes when using target...	Uutils	coreutils	Apr 22, 2026	CVE
LOW 3.3	CVE-2026-35371	uutils coreutils id Misleading Identity Reporting in Pretty Print Mode_CVE-2026-35371 The id utility in uutils coreutils exhibits incorrect behavior in its "pretty print" output when the real UID and effective UID differ. The impleme...	Uutils	coreutils	Apr 22, 2026	CVE
LOW 3.3	CVE-2026-35367	uutils coreutils nohup Information Disclosure via Insecure Default Output Permissions_CVE-2026-35367 The nohup utility in uutils coreutils creates its default output file, nohup.out, without specifying explicit restricted permissions. This causes t...	Uutils	coreutils	Apr 22, 2026	CVE
LOW 3.6	CVE-2026-35362	uutils coreutils Missing TOCTOU Protection on Non-Linux Unix Platforms in Safe Traversal Module_CVE-2026-35362 The safe_traversal module in uutils coreutils, which provides protection against Time-of-Check to Time-of-Use (TOCTOU) symlink races using file-des...	Uutils	coreutils	Apr 22, 2026	CVE
LOW 3.4	CVE-2026-35361	uutils coreutils mknod Security Label Inconsistency and Broken Cleanup on SELinux Systems_CVE-2026-35361 The mknod utility in uutils coreutils fails to handle security labels atomically by creating device nodes before setting the SELinux context. If la...	Uutils	coreutils	Apr 22, 2026	CVE
LOW 3.3	CVE-2026-35353	uutils coreutils mkdir Permission Exposure Race Condition with -m_CVE-2026-35353 The mkdir utility in uutils coreutils incorrectly applies permissions when using the -m flag by creating a directory with umask-derived permissions...	Uutils	coreutils	Apr 22, 2026	CVE
LOW 3.3	CVE-2026-35346	uutils coreutils comm Silent Data Corruption via Lossy UTF-8 Normalization_CVE-2026-35346 The comm utility in uutils coreutils silently corrupts data by performing lossy UTF-8 conversion on all output lines. The implementation uses Strin...	Uutils	coreutils	Apr 22, 2026	CVE
LOW 3.3	CVE-2026-35344	uutils coreutils dd Silent Data Corruption via Unconditional Truncation Error Suppression_CVE-2026-35344 The dd utility in uutils coreutils suppresses errors during file truncation operations by unconditionally calling Result::ok() on truncation attemp...	Uutils	coreutils	Apr 22, 2026	CVE
LOW 3.3	CVE-2026-35343	uutils coreutils cut Inconsistent Output Suppression with Newline Delimiters_CVE-2026-35343 The cut utility in uutils coreutils incorrectly handles the -s (only-delimited) option when a newline character is specified as the delimiter. The ...	Uutils	coreutils	Apr 22, 2026	CVE
LOW 3.3	CVE-2026-35342	uutils coreutils mktemp Insecure Temporary File Placement via Empty TMPDIR_CVE-2026-35342 The mktemp utility in uutils coreutils fails to properly handle an empty TMPDIR environment variable. Unlike GNU mktemp, which falls back to /tmp w...	Uutils	coreutils	Apr 22, 2026	CVE