Описание
The Package Manager of CODESYS Development System 3 before 3.5.17.0 does not check the validity of packages before installation and may be used to install CODESYS packages with malicious content.
Ссылки
- Vendor Advisory
- ExploitVendor Advisory
- Vendor Advisory
- Vendor Advisory
- ExploitVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 3.0 (включая) до 3.5.17.0 (исключая)
cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.0026
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
github
больше 3 лет назад
The Package Manager of CODESYS Development System 3 before 3.5.17.0 does not check the validity of packages before installation and may be used to install CODESYS packages with malicious content.
EPSS
Процентиль: 49%
0.0026
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
NVD-CWE-noinfo