GHSA-c2v5-gh46-7gpc

Опубликовано: 13 апр. 2022

Источник: github

Github: Не прошло ревью

Описание

Apostrophe v3.16.1 was discovered to contain a remote code execution (RCE) vulnerability via the component uploadfs.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2022-28396
https://www.npmjs.com/package/apostrophe

CVE ID

CVE-2022-28396

Связанные уязвимости

CVE-2022-28396

nvd

почти 4 года назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none

CVE ID

CVE-2022-28396