exploitDog

CVE-2017-16521

Опубликовано: 10 нояб. 2017

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

In Inedo BuildMaster before 5.8.2, XslTransform was used where XslCompiledTransform should have been used.

Ссылки

https://gitlab.com/inedo/buildmaster/commit/4f4c737fefe44c3227535946f535fb7ef468d721
Permissions Required
https://inedo.com/blog/buildmaster-582-released
Release Notes
Vendor Advisory
https://inedo.com/buildmaster/versions#v5.8
Release Notes
Vendor Advisory
https://inedo.myjetbrains.com/youtrack/issue/BM-3108
Vendor Advisory
https://inedo.myjetbrains.com/youtrack/issue/EDO-3334
Permissions Required
https://gitlab.com/inedo/buildmaster/commit/4f4c737fefe44c3227535946f535fb7ef468d721
Permissions Required
https://inedo.com/blog/buildmaster-582-released
Release Notes
Vendor Advisory
https://inedo.com/buildmaster/versions#v5.8
Release Notes
Vendor Advisory
https://inedo.myjetbrains.com/youtrack/issue/BM-3108
Vendor Advisory
https://inedo.myjetbrains.com/youtrack/issue/EDO-3334
Permissions Required

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:inedo:buildmaster:*:*:*:*:*:*:*:*

Версия до 5.8.2 (исключая)

EPSS

Процентиль: 73%

0.0078

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-m99p-q5j3-rj3r

CVSS3: 9.8

github

больше 3 лет назад

In Inedo BuildMaster before 5.8.2, XslTransform was used where XslCompiledTransform should have been used.

EPSS

Процентиль: 73%

0.0078

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

NVD-CWE-noinfo