exploitDog

CVE-2013-7378

Опубликовано: 12 фев. 2020

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

scripts/email.coffee in the Hubot Scripts module before 2.4.4 for Node.js allows remote attackers to execute arbitrary commands.

Ссылки

http://www.openwall.com/lists/oss-security/2014/05/13/1
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2014/05/15/2
Mailing List
Third Party Advisory
https://github.com/github/hubot-scripts/commit/feee5abdb038a229a98969ae443cdb8a61747782
Patch
Third Party Advisory
https://web.archive.org/web/20140731222413/https://nodesecurity.io/advisories/Hubot_Potential_command_injection_in_email.coffee
Third Party Advisory
http://www.openwall.com/lists/oss-security/2014/05/13/1
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2014/05/15/2
Mailing List
Third Party Advisory
https://github.com/github/hubot-scripts/commit/feee5abdb038a229a98969ae443cdb8a61747782
Patch
Third Party Advisory
https://web.archive.org/web/20140731222413/https://nodesecurity.io/advisories/Hubot_Potential_command_injection_in_email.coffee
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hubot_scripts_project:hubot_scripts:*:*:*:*:*:node.js:*:*

Версия до 2.4.4 (исключая)

EPSS

Процентиль: 83%

0.02011

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-74

Связанные уязвимости

CVE-2013-7378

CVSS3: 9.8

ubuntu

почти 6 лет назад

scripts/email.coffee in the Hubot Scripts module before 2.4.4 for Node.js allows remote attackers to execute arbitrary commands.

GHSA-hwch-749c-rv63

CVSS3: 9.8

github

больше 5 лет назад

Potential Command Injection in hubot-scripts

EPSS

Процентиль: 83%

0.02011

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-74