CVE-2015-10035

Опубликовано: 09 янв. 2023

Источник: nvd

CVSS3: 5.5

CVSS3: 9.8

CVSS2: 5.2

EPSS Низкий

Описание

A vulnerability was found in gperson angular-test-reporter and classified as critical. This issue affects the function getProjectTables/addTest of the file rest-server/data-server.js. The manipulation leads to sql injection. The patch is named a29d8ae121b46ebfa96a55a9106466ab2ef166ae. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217715.

Ссылки

https://github.com/gperson/angular-test-reporter/commit/a29d8ae121b46ebfa96a55a9106466ab2ef166ae
Patch
Third Party Advisory
https://vuldb.com/?ctiid.217715
Third Party Advisory
https://vuldb.com/?id.217715
Third Party Advisory
https://github.com/gperson/angular-test-reporter/commit/a29d8ae121b46ebfa96a55a9106466ab2ef166ae
Patch
Third Party Advisory
https://vuldb.com/?ctiid.217715
Third Party Advisory
https://vuldb.com/?id.217715
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:angular-test-reporter_project:angular-test-reporter:*:*:*:*:*:*:*:*

Версия до 2015-01-07 (исключая)

EPSS

Процентиль: 16%

0.00053

Низкий

5.5 Medium

CVSS3

9.8 Critical

CVSS3

5.2 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-xwgm-fp55-vxq4

CVSS3: 9.8

github

больше 2 лет назад

A vulnerability was found in gperson angular-test-reporter and classified as critical. This issue affects the function getProjectTables/addTest of the file rest-server/data-server.js. The manipulation leads to sql injection. The name of the patch is a29d8ae121b46ebfa96a55a9106466ab2ef166ae. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217715.

EPSS

Процентиль: 16%

0.00053

Низкий

5.5 Medium

CVSS3

9.8 Critical

CVSS3

5.2 Medium

CVSS2

Дефекты

CWE-89