GHSA-7g3v-4ggr-xvjf

Опубликовано: 20 сент. 2023

Источник: github

Github: Прошло ревью

CVSS3: 4.7

Описание

Croc may expose secret to local users

An issue was discovered in Croc before 9.6.16. The shared secret, located on a command line, can be read by local users who list all processes and their arguments.

Ссылки

Пакеты

Наименование

github.com/schollz/croc/v9

Затронутые версииВерсия исправления

< 9.6.16

9.6.16

EPSS

Процентиль: 13%

0.00042

Низкий

4.7 Medium

CVSS3

CVE ID

CVE-2023-43621

Связанные уязвимости

CVE-2023-43621

CVSS3: 4.7

nvd

больше 2 лет назад

An issue was discovered in Croc through 9.6.5. The shared secret, located on a command line, can be read by local users who list all processes and their arguments.

CVE-2023-43621

CVSS3: 4.7

debian

больше 2 лет назад

An issue was discovered in Croc through 9.6.5. The shared secret, loca ...

EPSS

Процентиль: 13%

0.00042

Низкий

4.7 Medium

CVSS3

CVE ID

CVE-2023-43621