Описание
service_windows.go in the kardianos service package for Go omits quoting that is sometimes needed for execution of a Windows service executable from the intended directory. NOTE: this finding could not be reproduced by its original reporter or by others.
Ссылки
- PatchThird Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:service_project:service:-:*:*:*:*:go:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 20%
0.00063
Низкий
7.8 High
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-426
Связанные уязвимости
CVSS3: 7.8
ubuntu
почти 4 года назад
service_windows.go in the kardianos service package for Go omits quoting that is sometimes needed for execution of a Windows service executable from the intended directory. NOTE: this finding could not be reproduced by its original reporter or by others.
CVSS3: 7.8
debian
почти 4 года назад
service_windows.go in the kardianos service package for Go omits quoti ...
CVSS3: 7.8
github
почти 4 года назад
Disputed: OS Command injection in github.com/kardianos/service
EPSS
Процентиль: 20%
0.00063
Низкий
7.8 High
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-426