exploitDog

CVE-2023-27848

Опубликовано: 24 апр. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

broccoli-compass v0.2.4 was discovered to contain a remote code execution (RCE) vulnerability via the child_process function.

Ссылки

https://github.com/omnitaint/Vulnerability-Reports/blob/9d65add2bca71ed6d6b2e281ee6790a12504ff8e/reports/broccoli-compass/report.md
Exploit
Third Party Advisory
https://www.npmjs.com/package/broccoli-compass
Product
https://github.com/omnitaint/Vulnerability-Reports/blob/9d65add2bca71ed6d6b2e281ee6790a12504ff8e/reports/broccoli-compass/report.md
Exploit
Third Party Advisory
https://www.npmjs.com/package/broccoli-compass
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:broccoli-compass_project:broccoli-compass:0.2.4:*:*:*:*:node.js:*:*

EPSS

Процентиль: 90%

0.05955

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-77

CWE-77

Связанные уязвимости

GHSA-wq8f-xmq3-5vq9

CVSS3: 9.8

github

почти 3 года назад

Remote code execution in broccoli-compass

EPSS

Процентиль: 90%

0.05955

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-77

CWE-77