exploitDog

CVE-2013-4318

Опубликовано: 26 дек. 2019

Источник: nvd

CVSS3: 5.4

CVSS2: 3.5

EPSS Низкий

Описание

File injection vulnerability in Ruby gem Features 0.3.0 allows remote attackers to inject malicious html in the /tmp directory.

Ссылки

http://www.openwall.com/lists/oss-security/2013/09/09/10
Exploit
Mailing List
Third Party Advisory
https://security-tracker.debian.org/tracker/CVE-2013-4318
Third Party Advisory
http://www.openwall.com/lists/oss-security/2013/09/09/10
Exploit
Mailing List
Third Party Advisory
https://security-tracker.debian.org/tracker/CVE-2013-4318
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:feature_project:feature:0.3.0:*:*:*:*:ruby:*:*

EPSS

Процентиль: 47%

0.00244

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-74

Связанные уязвимости

GHSA-42gq-h7xj-33r4

CVSS3: 5.4

github

почти 4 года назад

Features file injection vulnerability

EPSS

Процентиль: 47%

0.00244

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-74