Описание
Insecure plugin update mechanism in tucan through 0.3.10 could allow remote attackers to perform man-in-the-middle attacks and execute arbitrary code ith the permissions of the user running tucan.
Ссылки
- Mailing ListThird Party Advisory
- Broken LinkThird Party Advisory
- Issue TrackingThird Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Broken LinkThird Party Advisory
- Issue TrackingThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.3.10 (включая)
cpe:2.3:a:tucaneando:tucan:*:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02431
Низкий
8.1 High
CVSS3
6.8 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 8.1
ubuntu
почти 6 лет назад
Insecure plugin update mechanism in tucan through 0.3.10 could allow remote attackers to perform man-in-the-middle attacks and execute arbitrary code ith the permissions of the user running tucan.
CVSS3: 8.1
debian
почти 6 лет назад
Insecure plugin update mechanism in tucan through 0.3.10 could allow r ...
github
почти 4 года назад
Insecure plugin update mechanism in tucan through 0.3.10 could allow remote attackers to perform man-in-the-middle attacks and execute arbitrary code ith the permissions of the user running tucan.
EPSS
Процентиль: 85%
0.02431
Низкий
8.1 High
CVSS3
6.8 Medium
CVSS2
Дефекты
NVD-CWE-noinfo