CVE-2020-11441

Опубликовано: 31 мар. 2020

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4.3

CVSS3: 6.1

Описание

phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astring%0D%0A inputs to login form fields causing CRLF sequences to be reflected on an error page. NOTE: the vendor states "I don't see anything specifically exploitable.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	not-affected	disputed
eoan	DNE
esm-apps/bionic	not-affected	disputed
esm-apps/focal	not-affected	disputed
esm-apps/jammy	not-affected	disputed
esm-apps/noble	not-affected	disputed
esm-apps/xenial	not-affected	disputed
esm-infra-legacy/trusty	not-affected	disputed
focal	not-affected	disputed

Показывать по

Ссылки на источники

EPSS

Процентиль: 70%

0.00653

Низкий

4.3 Medium

CVSS2

6.1 Medium

CVSS3

Связанные уязвимости

CVE-2020-11441

CVSS3: 6.1

nvd

больше 5 лет назад

CVE-2020-11441

CVSS3: 6.1

debian

больше 5 лет назад

phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astrin ...

GHSA-j2jx-6pcj-jfpf

github

больше 3 лет назад

phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astring%0D%0A inputs to login form fields causing CRLF sequences to be reflected on an error page.

EPSS

Процентиль: 70%

0.00653

Низкий

4.3 Medium

CVSS2

6.1 Medium

CVSS3

CVE-2020-11441

Описание

Пакет phpmyadmin

Ссылки на источники

Связанные уязвимости