CVE-2015-10023

Опубликовано: 07 янв. 2023

Источник: nvd

CVSS3: 5.5

CVSS3: 9.8

CVSS2: 5.2

EPSS Низкий

Описание

A vulnerability classified as critical has been found in Fumon trello-octometric. This affects the function main of the file metrics-ui/server/srv.go. The manipulation of the argument num leads to sql injection. The patch is named a1f1754933fbf21e2221fbc671c81a47de6a04ef. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217611.

Ссылки

https://github.com/Fumon/trello-octometric/commit/a1f1754933fbf21e2221fbc671c81a47de6a04ef
Patch
Third Party Advisory
https://vuldb.com/?ctiid.217611
Third Party Advisory
https://vuldb.com/?id.217611
Third Party Advisory
https://github.com/Fumon/trello-octometric/commit/a1f1754933fbf21e2221fbc671c81a47de6a04ef
Patch
Third Party Advisory
https://vuldb.com/?ctiid.217611
Third Party Advisory
https://vuldb.com/?id.217611
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:trello-octometric_project:trello-octometric:*:*:*:*:*:*:*:*

Версия до 25-01-2015 (исключая)

EPSS

Процентиль: 53%

0.00297

Низкий

5.5 Medium

CVSS3

9.8 Critical

CVSS3

5.2 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-jwwx-34fw-897h

CVSS3: 9.8

github

около 3 лет назад

A vulnerability classified as critical has been found in Fumon trello-octometric. This affects the function main of the file metrics-ui/server/srv.go. The manipulation of the argument num leads to sql injection. The name of the patch is a1f1754933fbf21e2221fbc671c81a47de6a04ef. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217611.

EPSS

Процентиль: 53%

0.00297

Низкий

5.5 Medium

CVSS3

9.8 Critical

CVSS3

5.2 Medium

CVSS2

Дефекты

CWE-89