exploitDog

GHSA-g3qf-pqh8-4q8m

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.1

Описание

I, Librarian version 4.8 and earlier contains a SSRF vulnerability in "url" parameter of getFromWeb in functions.php that can result in the attacker abusing functionality on the server to read or update internal resources.

I, Librarian version 4.8 and earlier contains a SSRF vulnerability in "url" parameter of getFromWeb in functions.php that can result in the attacker abusing functionality on the server to read or update internal resources.

Ссылки

EPSS

Процентиль: 44%

0.00212

Низкий

9.1 Critical

CVSS3

CVE ID

CVE-2018-1000138

Дефекты

CWE-918

Связанные уязвимости

CVE-2018-1000138

CVSS3: 9.1

nvd

почти 8 лет назад

I, Librarian version 4.8 and earlier contains a SSRF vulnerability in "url" parameter of getFromWeb in functions.php that can result in the attacker abusing functionality on the server to read or update internal resources.

CVE-2018-1000138

CVSS3: 9.1

debian

почти 8 лет назад

I, Librarian version 4.8 and earlier contains a SSRF vulnerability in ...

EPSS

Процентиль: 44%

0.00212

Низкий

9.1 Critical

CVSS3

CVE ID

CVE-2018-1000138

Дефекты

CWE-918