Описание
An issue was discovered in Croc through 9.6.5. A sender may place ANSI or CSI escape sequences in a filename to attack the terminal device of a receiver.
Ссылки
- Mailing List
- ExploitIssue TrackingThird Party Advisory
- ExploitMailing ListThird Party Advisory
- Mailing List
- ExploitIssue TrackingThird Party Advisory
- ExploitMailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 9.6.5 (включая)
cpe:2.3:a:schollz:croc:*:*:*:*:*:*:*:*
EPSS
Процентиль: 11%
0.00038
Низкий
7.8 High
CVSS3
Дефекты
CWE-116
Связанные уязвимости
CVSS3: 7.8
debian
больше 2 лет назад
An issue was discovered in Croc through 9.6.5. A sender may place ANSI ...
CVSS3: 7.8
github
больше 2 лет назад
Croc sender may place ANSI or CSI escape sequences in filename to attach receiver's terminal device
EPSS
Процентиль: 11%
0.00038
Низкий
7.8 High
CVSS3
Дефекты
CWE-116