Опубликовано: 02 янв. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5
CVSS3: 7.5
Описание
phpBB version 3.2.0 is vulnerable to SSRF in the Remote Avatar function resulting allowing an attacker to perform port scanning, requesting internal content and potentially attacking such internal services via the web application.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| esm-apps/xenial | not-affected | |
| esm-infra-legacy/trusty | not-affected | |
| precise/esm | DNE | |
| trusty | not-affected | |
| trusty/esm | not-affected | |
| upstream | not-affected |
Показывать по
10
EPSS
Процентиль: 59%
0.0038
Низкий
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
CVSS3: 7.5
nvd
около 8 лет назад
phpBB version 3.2.0 is vulnerable to SSRF in the Remote Avatar function resulting allowing an attacker to perform port scanning, requesting internal content and potentially attacking such internal services via the web application.
CVSS3: 7.5
debian
около 8 лет назад
phpBB version 3.2.0 is vulnerable to SSRF in the Remote Avatar functio ...
EPSS
Процентиль: 59%
0.0038
Низкий
5 Medium
CVSS2
7.5 High
CVSS3