Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-3953

Опубликовано: 06 фев. 2018
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 7.5
CVSS3: 9.8

Описание

The sample web application in web2py before 2.14.2 might allow remote attackers to execute arbitrary code via vectors involving use of a hardcoded encryption key when calling the session.connect function.

РелизСтатусПримечание
artful

ignored

end of life
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-apps/xenial

released

2.12.3-1ubuntu0.1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [code not present]]
precise/esm

DNE

trusty

not-affected

code not present
trusty/esm

DNE

trusty was not-affected [code not present]

Показывать по

Ссылки на источники

EPSS

Процентиль: 81%
0.01507
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

nvd логотип

CVE-2016-3953

CVSS3: 9.8
nvd
около 8 лет назад

The sample web application in web2py before 2.14.2 might allow remote attackers to execute arbitrary code via vectors involving use of a hardcoded encryption key when calling the session.connect function.

debian логотип

CVE-2016-3953

CVSS3: 9.8
debian
около 8 лет назад

The sample web application in web2py before 2.14.2 might allow remote ...

github логотип

GHSA-q2rq-qgcf-m22w

CVSS3: 9.8
github
больше 3 лет назад

web2py remote code execution via hardcoded encryption key in session.connect function

EPSS

Процентиль: 81%
0.01507
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3