exploitDog

CVE-2022-35131

Опубликовано: 25 июл. 2022

Источник: nvd

CVSS3: 9

EPSS Средний

Описание

Joplin v2.8.8 allows attackers to execute arbitrary commands via a crafted payload injected into the Node titles.

Ссылки

http://joplin.com
Broken Link
https://github.com/laurent22/joplin/releases/tag/v2.9.1
Release Notes
Third Party Advisory
https://github.com/ly1g3/Joplin-CVE-2022-35131
Exploit
Third Party Advisory
http://joplin.com
Broken Link
https://github.com/laurent22/joplin/releases/tag/v2.9.1
Release Notes
Third Party Advisory
https://github.com/ly1g3/Joplin-CVE-2022-35131
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:joplinapp:joplin:2.8.8:*:*:*:*:-:*:*

EPSS

Процентиль: 94%

0.14686

Средний

9 Critical

CVSS3

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-35131

CVSS3: 9

debian

больше 3 лет назад

Joplin v2.8.8 allows attackers to execute arbitrary commands via a cra ...

GHSA-ww2v-frv5-pj5x

CVSS3: 9

github

больше 3 лет назад

Joplin is vulnerable to arbitrary code execution

EPSS

Процентиль: 94%

0.14686

Средний

9 Critical

CVSS3

Дефекты

CWE-79