Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-36777

Опубликовано: 09 мар. 2022
Источник: nvd
CVSS3: 8.1
CVSS3: 8.8
CVSS2: 6.8
EPSS Низкий

Описание

A Reliance on Untrusted Inputs in a Security Decision vulnerability in the login proxy of the openSUSE Build service allowed attackers to present users with a expected login form that then sends the clear text credentials to an attacker specified server. This issue affects: openSUSE Build service login-proxy-scripts versions prior to dc000cdfe9b9b715fb92195b1a57559362f689ef.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:opensuse:open_build_service:*:*:*:*:*:*:*:*
Версия до 2021-10-08 (исключая)

EPSS

Процентиль: 53%
0.00307
Низкий

8.1 High

CVSS3

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-807
NVD-CWE-Other

Связанные уязвимости

github логотип

GHSA-3pc4-pj89-2j67

CVSS3: 8.8
github
почти 4 года назад

A Reliance on Untrusted Inputs in a Security Decision vulnerability in the login proxy of the openSUSE Build service allowed attackers to present users with a expected login form that then sends the clear text credentials to an attacker specified server. This issue affects: openSUSE Build service login-proxy-scripts versions prior to dc000cdfe9b9b715fb92195b1a57559362f689ef.

EPSS

Процентиль: 53%
0.00307
Низкий

8.1 High

CVSS3

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-807
NVD-CWE-Other