Описание
An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the loadpluginPath parameter.
Ссылки
- ExploitIssue TrackingPatchVendor Advisory
- ExploitPatchVendor Advisory
- Patch
- ExploitIssue TrackingPatchVendor Advisory
- ExploitPatchVendor Advisory
- Patch
Уязвимые конфигурации
Конфигурация 1Версия до 3.9.0 (включая)
cpe:2.3:a:pf4j_project:pf4j:*:*:*:*:*:*:*:*
EPSS
Процентиль: 68%
0.00563
Низкий
7.5 High
CVSS3
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 2 лет назад
An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the loadpluginPath parameter.
CVSS3: 7.5
debian
больше 2 лет назад
An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to o ...
CVSS3: 7.5
github
больше 2 лет назад
pf4j vulnerable to remote code execution via loadpluginPath parameter
EPSS
Процентиль: 68%
0.00563
Низкий
7.5 High
CVSS3
Дефекты
CWE-22