exploitDog

CVE-2024-22086

Опубликовано: 05 янв. 2024

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

handle_request in http.c in cherry through 4b877df has an sscanf stack-based buffer overflow via a long URI, leading to remote code execution.

Ссылки

https://github.com/hayyp/cherry/issues/1
Exploit
Issue Tracking
Mitigation
Third Party Advisory
https://github.com/hayyp/cherry/issues/1
Exploit
Issue Tracking
Mitigation
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hayyp:cherry:*:*:*:*:*:*:*:*

Версия до 2021-01-05 (включая)

EPSS

Процентиль: 90%

0.05833

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-787

CWE-787

Связанные уязвимости

GHSA-895h-3m6x-8h8x

CVSS3: 9.8

github

около 2 лет назад

handle_request in http.c in cherry through 4b877df has an sscanf stack-based buffer overflow via a long URI, leading to remote code execution.

EPSS

Процентиль: 90%

0.05833

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-787

CWE-787