Описание
The extractTree function in unADF allows remote attackers to execute arbitrary code via shell metacharacters in a directory name in an adf file.
Ссылки
- PatchVendor Advisory
- Third Party Advisory
- PatchThird Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party Advisory
- PatchThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:unadf_project:unadf:1.0:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.09936
Низкий
8.8 High
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 8.8
ubuntu
больше 9 лет назад
The extractTree function in unADF allows remote attackers to execute arbitrary code via shell metacharacters in a directory name in an adf file.
CVSS3: 8.8
debian
больше 9 лет назад
The extractTree function in unADF allows remote attackers to execute a ...
CVSS3: 8.8
github
больше 3 лет назад
The extractTree function in unADF allows remote attackers to execute arbitrary code via shell metacharacters in a directory name in an adf file.
EPSS
Процентиль: 93%
0.09936
Низкий
8.8 High
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-20