Количество 3
Количество 3
CVE-2024-36078
In Zammad before 6.3.1, a Ruby gem bundled by Zammad is installed with world-writable file permissions. This allowed a local attacker on the server to modify the gem's files, injecting arbitrary code into Zammad processes (which run with the environment and permissions of the Zammad user).
CVE-2024-36078
In Zammad before 6.3.1, a Ruby gem bundled by Zammad is installed with ...
GHSA-999v-p9fh-4w86
In Zammad before 6.3.1, a Ruby gem bundled by Zammad is installed with world-writable file permissions. This allowed a local attacker on the server to modify the gem's files, injecting arbitrary code into Zammad processes (which run with the environment and permissions of the Zammad user).
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-36078 In Zammad before 6.3.1, a Ruby gem bundled by Zammad is installed with world-writable file permissions. This allowed a local attacker on the server to modify the gem's files, injecting arbitrary code into Zammad processes (which run with the environment and permissions of the Zammad user). | CVSS3: 6.7 | 0% Низкий | больше 1 года назад |
| CVE-2024-36078 In Zammad before 6.3.1, a Ruby gem bundled by Zammad is installed with ... | CVSS3: 6.7 | 0% Низкий | больше 1 года назад |
| GHSA-999v-p9fh-4w86 In Zammad before 6.3.1, a Ruby gem bundled by Zammad is installed with world-writable file permissions. This allowed a local attacker on the server to modify the gem's files, injecting arbitrary code into Zammad processes (which run with the environment and permissions of the Zammad user). | CVSS3: 6.7 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу