GHSA-j2cq-h6v2-f875

Опубликовано: 17 мая 2022

Источник: github

Github: Прошло ревью

CVSS3: 7.5

Описание

phpMyAdmin Cookie attribute injection attack

A weakness was discovered where an attacker can inject arbitrary values in to the browser cookies. This is a re-issue of an incomplete fix from PMASA-2016-18.

Ссылки

Пакеты

Наименование

phpmyadmin/phpmyadmin

composer

Затронутые версииВерсия исправления

>= 4.6, < 4.6.6

4.6.6

EPSS

Процентиль: 59%

0.00392

Низкий

7.5 High

CVSS3

CVE ID

CVE-2017-1000016

Дефекты

CWE-20

Связанные уязвимости

CVE-2017-1000016

CVSS3: 7.5

ubuntu

около 8 лет назад

A weakness was discovered where an attacker can inject arbitrary values in to the browser cookies. This is a re-issue of an incomplete fix from PMASA-2016-18.

CVE-2017-1000016

CVSS3: 7.5

nvd

около 8 лет назад

A weakness was discovered where an attacker can inject arbitrary values in to the browser cookies. This is a re-issue of an incomplete fix from PMASA-2016-18.

CVE-2017-1000016

CVSS3: 7.5

debian

около 8 лет назад

A weakness was discovered where an attacker can inject arbitrary value ...

EPSS

Процентиль: 59%

0.00392

Низкий

7.5 High

CVSS3

CVE ID

CVE-2017-1000016

Дефекты

CWE-20