Описание
In NATO Communications and Information Agency anet (aka Advisor Network) through 3.3.0, an attacker can provide a crafted JSON file to sanitizeJson and cause an exception. This is related to the U+FFFD Unicode replacement character. A for loop does not consider that a data structure is being modified during loop execution.
Ссылки
- Product
- ExploitIssue Tracking
- Product
- ExploitIssue Tracking
Уязвимые конфигурации
Конфигурация 1Версия до 3.3.0 (включая)
cpe:2.3:a:ncia:advisor_network:*:*:*:*:*:*:*:*
EPSS
Процентиль: 8%
0.00028
Низкий
5.5 Medium
CVSS3
Дефекты
CWE-476
Связанные уязвимости
CVSS3: 5.5
github
больше 2 лет назад
In NATO Communications and Information Agency anet (aka Advisor Network) through 3.3.0, an attacker can provide a crafted JSON file to sanitizeJson and cause an exception. This is related to the U+FFFD Unicode replacement character. A for loop does not consider that a data structure is being modified during loop execution.
EPSS
Процентиль: 8%
0.00028
Низкий
5.5 Medium
CVSS3
Дефекты
CWE-476