CVE-2020-15660

Опубликовано: 20 июл. 2021

Источник: debian

Описание

Missing checks on Content-Type headers in geckodriver before 0.27.0 could lead to a CSRF vulnerability, that might, when paired with a specifically prepared request, lead to remote code execution.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
geckodriver	itp			package

Связанные уязвимости

CVE-2020-15660

CVSS3: 8.8

ubuntu

больше 4 лет назад

Missing checks on Content-Type headers in geckodriver before 0.27.0 could lead to a CSRF vulnerability, that might, when paired with a specifically prepared request, lead to remote code execution.

CVE-2020-15660

CVSS3: 8.8

redhat

больше 4 лет назад

Missing checks on Content-Type headers in geckodriver before 0.27.0 could lead to a CSRF vulnerability, that might, when paired with a specifically prepared request, lead to remote code execution.

CVE-2020-15660

CVSS3: 8.8

nvd

больше 4 лет назад

Missing checks on Content-Type headers in geckodriver before 0.27.0 could lead to a CSRF vulnerability, that might, when paired with a specifically prepared request, lead to remote code execution.

GHSA-jxv7-gvxq-248q

github

больше 3 лет назад

Missing checks on Content-Type headers in geckodriver before 0.27.0 could lead to a CSRF vulnerability, that might, when paired with a specifically prepared request, lead to remote code execution.