exploitDog

GHSA-vm9x-85qm-fvq3

Опубликовано: 22 дек. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 8.2

Описание

The api /api/snapshot and /api/get_log_file would allow unauthenticated access. It could allow a DoS attack or get arbitrary files from FE node. Please upgrade to 2.0.3 to fix these issues.

The api /api/snapshot and /api/get_log_file would allow unauthenticated access. It could allow a DoS attack or get arbitrary files from FE node. Please upgrade to 2.0.3 to fix these issues.

Ссылки

EPSS

Процентиль: 59%

0.00384

Низкий

8.2 High

CVSS3

CVE ID

Дефекты

CWE-863

Связанные уязвимости

CVE-2023-41314

CVSS3: 8.2

nvd

около 2 лет назад

The api /api/snapshot and /api/get_log_file would allow unauthenticated access. It could allow a DoS attack or get arbitrary files from FE node. Please upgrade to 2.0.3 to fix these issues.

EPSS

Процентиль: 59%

0.00384

Низкий

8.2 High

CVSS3

CVE ID

Дефекты

CWE-863