exploitDog

GHSA-q537-77j4-xv6x

Опубликовано: 11 дек. 2021

Источник: github

Github: Не прошло ревью

Описание

Missing SSL Certificate Validation issue exists in Pluck 4.7.15 in update_applet.php, which could lead to man-in-the-middle attacks.

Missing SSL Certificate Validation issue exists in Pluck 4.7.15 in update_applet.php, which could lead to man-in-the-middle attacks.

Ссылки

EPSS

Процентиль: 28%

0.00102

Низкий

CVE ID

Дефекты

CWE-295

Связанные уязвимости

CVE-2021-31747

CVSS3: 4.8

nvd

около 4 лет назад

Missing SSL Certificate Validation issue exists in Pluck 4.7.15 in update_applet.php, which could lead to man-in-the-middle attacks.

EPSS

Процентиль: 28%

0.00102

Низкий

CVE ID

Дефекты

CWE-295