exploitDog

GHSA-46h7-97pw-fqv3

Опубликовано: 17 мая 2023

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

In davinci 0.3.0-rc after logging in, the user can connect to the mysql malicious server by controlling the data source to read arbitrary files on the client side.

In davinci 0.3.0-rc after logging in, the user can connect to the mysql malicious server by controlling the data source to read arbitrary files on the client side.

Ссылки

EPSS

Процентиль: 24%

0.0008

Низкий

6.5 Medium

CVSS3

CVE ID

Связанные уязвимости

CVE-2023-31847

CVSS3: 6.5

nvd

больше 2 лет назад

In davinci 0.3.0-rc after logging in, the user can connect to the mysql malicious server by controlling the data source to read arbitrary files on the client side.

EPSS

Процентиль: 24%

0.0008

Низкий

6.5 Medium

CVSS3

CVE ID