CVE-2020-5682

Опубликовано: 16 дек. 2020

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Improper input validation in GROWI versions prior to v4.2.3 (v4.2 Series), GROWI versions prior to v4.1.12 (v4.1 Series), and GROWI v3 series and earlier GROWI versions prior to v4.2.3 (v4.2 Series), GROWI versions prior to v4.1.12 (v4.1 Series), and GROWI v3 series and earlier allows remote attackers to cause a denial of service via unspecified vectors.

Ссылки

https://github.com/weseek/growi
Product
Third Party Advisory
https://hub.docker.com/r/weseek/growi/
Product
Third Party Advisory
https://jvn.jp/en/jp/JVN94169589/index.html
Third Party Advisory
https://github.com/weseek/growi
Product
Third Party Advisory
https://hub.docker.com/r/weseek/growi/
Product
Third Party Advisory
https://jvn.jp/en/jp/JVN94169589/index.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:weseek:growi:*:*:*:*:*:*:*:*

Версия до 3.8.2 (включая)

cpe:2.3:a:weseek:growi:*:*:*:*:*:*:*:*

Версия от 4.1.0 (включая) до 4.1.12 (исключая)

cpe:2.3:a:weseek:growi:*:*:*:*:*:*:*:*

Версия от 4.2.0 (включая) до 4.2.3 (исключая)

EPSS

Процентиль: 74%

0.00846

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-38q3-wx89-qvg5

github

больше 3 лет назад

EPSS

Процентиль: 74%

0.00846

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20