GHSA-27hj-48r9-x2vx

Опубликовано: 01 окт. 2025

Источник: github

Github: Прошло ревью

CVSS3: 8.8

Описание

Dolibarr vulnerable to RCE via the computed field parameter

Dolibarr ERP & CRM v21.0.1 were discovered to contain a remote code execution (RCE) vulnerability in the User module configuration via the computed field parameter.

Ссылки

Пакеты

Наименование

dolibarr/dolibarr

composer

Затронутые версииВерсия исправления

< 21.0.3

21.0.3

EPSS

Процентиль: 54%

0.00315

Низкий

8.8 High

CVSS3

CVE ID

CVE-2025-56588

Дефекты

CWE-94

Связанные уязвимости

CVE-2025-56588

CVSS3: 8.8

ubuntu

4 месяца назад

Dolibarr ERP & CRM v21.0.1 were discovered to contain a remote code execution (RCE) vulnerability in the User module configuration via the computed field parameter.

CVE-2025-56588

CVSS3: 8.8

nvd

4 месяца назад

Dolibarr ERP & CRM v21.0.1 were discovered to contain a remote code execution (RCE) vulnerability in the User module configuration via the computed field parameter.

CVE-2025-56588

CVSS3: 8.8

debian

4 месяца назад

Dolibarr ERP & CRM v21.0.1 were discovered to contain a remote code ex ...

EPSS

Процентиль: 54%

0.00315

Низкий

8.8 High

CVSS3

CVE ID

CVE-2025-56588

Дефекты

CWE-94