ALAS2-2022-1784 — Vulnetix

ALAS2-2022-1784 PUBLISHED

Affected Products

Vendor	Product	Versions
Amazon	gcc10, gcc

Exploit Intelligence

POC of CVE-2021-42574 for solidity and solc compiler (github-poc-repo)
Checks your files for existence of Unicode BIDI characters which can be misused for supply chain attacks. See CVE-2021-42574 (github-poc-repo)
A GitHub Action to find Unicode control characters using the Red Hat diagnostic tool https://access.redhat.com/security/vulnerabilities/RHSB-2021-007 to detect RHSB-2021-007 Trojan source attacks (CVE-2021-42574,CVE-2021-42694) (github-poc-repo)
Generate malicious files using recently published bidi-attack (CVE-2021-42574) (github-poc-repo)
Scan code for invisible bidirectional Unicode characters (Trojan Source attack prevention, CVE-2021-42574) (github-poc-repo)
Scan code for invisible bidirectional Unicode characters (Trojan Source attack prevention, CVE-2021-42574) (github-poc)
POC of CVE-2021-42574 for solidity and solc compiler (github-poc)
waseeld/CVE-2021-42574 (github-poc)
A GitHub Action to find Unicode control characters using the Red Hat diagnostic tool https://access.redhat.com/security/vulnerabilities/RHSB-2021-007 to detect RHSB-2021-007 Trojan source attacks (CVE-2021-42574,CVE-2021-42694) (github-poc)
Checks your files for existence of Unicode BIDI characters which can be misused for supply chain attacks. See CVE-2021-42574 (github-poc)

…and 6 more exploits

Timeline

Apr 27, 2022 CVE Published

References

ALAS2-2022-1784: gcc10, gcc (medium) advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›