Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-24828

Опубликовано: 13 апр. 2022
Источник: nvd
CVSS3: 8.3
CVSS3: 8.8
CVSS2: 6.8
EPSS Низкий

Описание

Composer is a dependency manager for the PHP programming language. Integrators using Composer code to call VcsDriver::getFileContent can have a code injection vulnerability if the user can control the $file or $identifier argument. This leads to a vulnerability on packagist.org for example where the composer.json's readme field can be used as a vector for injecting parameters into hg/Mercurial via the $file argument, or git via the $identifier argument if you allow arbitrary data there (Packagist does not, but maybe other integrators do). Composer itself should not be affected by the vulnerability as it does not call getFileContent with arbitrary data into $file/$identifier. To the best of our knowledge this was not abused, and the vulnerability has been patched on packagist.org and Private Packagist within a day of the vulnerability report.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:getcomposer:composer:*:*:*:*:*:*:*:*
Версия до 1.10.26 (исключая)
cpe:2.3:a:getcomposer:composer:*:*:*:*:*:*:*:*
Версия от 2.0.0 (включая) до 2.2.12 (исключая)
cpe:2.3:a:getcomposer:composer:*:*:*:*:*:*:*:*
Версия от 2.3.0 (включая) до 2.3.5 (исключая)
Конфигурация 2
cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*
Версия до 5.21.0 (исключая)
Конфигурация 3

Одно из

cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*

EPSS

Процентиль: 65%
0.00504
Низкий

8.3 High

CVSS3

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-20
CWE-88

Связанные уязвимости

ubuntu логотип

CVE-2022-24828

CVSS3: 8.3
ubuntu
около 3 лет назад

Composer is a dependency manager for the PHP programming language. Integrators using Composer code to call `VcsDriver::getFileContent` can have a code injection vulnerability if the user can control the `$file` or `$identifier` argument. This leads to a vulnerability on packagist.org for example where the composer.json's `readme` field can be used as a vector for injecting parameters into hg/Mercurial via the `$file` argument, or git via the `$identifier` argument if you allow arbitrary data there (Packagist does not, but maybe other integrators do). Composer itself should not be affected by the vulnerability as it does not call `getFileContent` with arbitrary data into `$file`/`$identifier`. To the best of our knowledge this was not abused, and the vulnerability has been patched on packagist.org and Private Packagist within a day of the vulnerability report.

debian логотип

CVE-2022-24828

CVSS3: 8.3
debian
около 3 лет назад

Composer is a dependency manager for the PHP programming language. Int ...

suse-cvrf логотип

SUSE-SU-2022:3020-1

suse-cvrf
почти 3 года назад

Security update for php-composer2

github логотип

GHSA-x7cr-6qr6-2hh6

CVSS3: 8.3
github
около 3 лет назад

Missing input validation can lead to command execution in composer

fstec логотип

BDU:2022-02944

CVSS3: 8.3
fstec
около 3 лет назад

Уязвимость реализации метода VcsDriver::getFileContent() менеджера зависимостей для PHP Composer, позволяющая нарушителю выполнить произвольные команды

EPSS

Процентиль: 65%
0.00504
Низкий

8.3 High

CVSS3

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-20
CWE-88