CVE-2018-14055

Опубликовано: 15 июл. 2018

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4

CVSS3: 6.5

Описание

ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	released	1.6.6-1ubuntu0.1
devel	released	1.7.1-1
esm-apps/bionic	released	1.6.6-1ubuntu0.1
esm-apps/xenial	released	1.6.3-1ubuntu0.1
esm-infra-legacy/trusty	released	1.2-3ubuntu0.1
precise/esm	DNE
trusty	released	1.2-3ubuntu0.1
trusty/esm	released	1.2-3ubuntu0.1
upstream	released	1.7.1-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 59%

0.00377

Низкий

4 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2018-14055

CVSS3: 6.5

nvd

больше 7 лет назад

ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf.

CVE-2018-14055

CVSS3: 6.5

debian

больше 7 лет назад

ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming ...

GHSA-jwph-8hwh-5w78

CVSS3: 6.5

github

больше 3 лет назад

ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf.

openSUSE-SU-2018:2231-1

suse-cvrf

больше 7 лет назад

Security update for znc

openSUSE-SU-2018:2228-1

suse-cvrf

больше 7 лет назад

Security update for znc

EPSS

Процентиль: 59%

0.00377

Низкий

4 Medium

CVSS2

6.5 Medium

CVSS3

CVE-2018-14055

Описание

Пакет znc

Ссылки на источники

Связанные уязвимости