CVE-2020-13802

Опубликовано: 02 сент. 2020

Источник: debian

Описание

Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification.

Пакет	Статус	Версия исправления	Релиз	Тип
rebar3	not-affected			package

https://github.com/erlang/rebar3/pull/2302
https://github.com/erlang/rebar3/commit/2e2d1a6bb141a969b6483e082a2afd361fc2ece2

CVE-2020-13802

CVSS3: 9.8

ubuntu

больше 5 лет назад

Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification.

CVE-2020-13802

CVSS3: 9.8

nvd

больше 5 лет назад

Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification.

GHSA-fj2j-8cg9-vrj8

github

больше 3 лет назад

The rebar3 tool 3.0.0-beta.3 through 3.13.2 for Erlang allows remote code execution.