CVE-2016-15021

Опубликовано: 17 янв. 2023

Источник: nvd

CVSS3: 5.5

CVSS3: 9.8

CVSS2: 5.2

EPSS Низкий

Описание

A vulnerability was found in nickzren alsdb. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. Upgrading to version v2 is able to address this issue. The identifier of the patch is cbc79a68145e845f951113d184b4de207c341599. It is recommended to upgrade the affected component. The identifier VDB-218429 was assigned to this vulnerability.

Ссылки

https://github.com/nickzren/alsdb/commit/cbc79a68145e845f951113d184b4de207c341599
Patch
Third Party Advisory
https://github.com/nickzren/alsdb/releases/tag/v2
Release Notes
Third Party Advisory
https://vuldb.com/?ctiid.218429
Permissions Required
Third Party Advisory
VDB Entry
https://vuldb.com/?id.218429
Third Party Advisory
VDB Entry
https://github.com/nickzren/alsdb/commit/cbc79a68145e845f951113d184b4de207c341599
Patch
Third Party Advisory
https://github.com/nickzren/alsdb/releases/tag/v2
Release Notes
Third Party Advisory
https://vuldb.com/?ctiid.218429
Permissions Required
Third Party Advisory
VDB Entry
https://vuldb.com/?id.218429
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:columbia:als_data_browser:1:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00726

Низкий

5.5 Medium

CVSS3

9.8 Critical

CVSS3

5.2 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-r74c-ppq4-773h

CVSS3: 9.8

github

около 3 лет назад

A vulnerability was found in nickzren alsdb. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. Upgrading to version v2 is able to address this issue. The name of the patch is cbc79a68145e845f951113d184b4de207c341599. It is recommended to upgrade the affected component. The identifier VDB-218429 was assigned to this vulnerability.

EPSS

Процентиль: 72%

0.00726

Низкий

5.5 Medium

CVSS3

9.8 Critical

CVSS3

5.2 Medium

CVSS2

Дефекты

CWE-89