exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2014-3137

больше 11 лет назад

Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before 0.12.6 does not properly limit content types, which allows remote attackers to bypass intended access restrictions via an accepted Content-Type followed by a ; (semi-colon) and a Content-Type that would not be accepted, as demonstrated in YouCompleteMe to execute arbitrary code.

CVSS2: 6.8

EPSS: Низкий

CVE-2014-3137

больше 11 лет назад

Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before 0.12.6 does not properly limit content types, which allows remote attackers to bypass intended access restrictions via an accepted Content-Type followed by a ; (semi-colon) and a Content-Type that would not be accepted, as demonstrated in YouCompleteMe to execute arbitrary code.

CVSS2: 6.8

EPSS: Низкий

CVE-2014-3137

больше 11 лет назад

Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before ...

CVSS2: 6.8

EPSS: Низкий

GHSA-873q-wpqr-xfgw

больше 3 лет назад

Bottle does not properly limit content-types

CVSS3: 9.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2014-3137 Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before 0.12.6 does not properly limit content types, which allows remote attackers to bypass intended access restrictions via an accepted Content-Type followed by a ; (semi-colon) and a Content-Type that would not be accepted, as demonstrated in YouCompleteMe to execute arbitrary code.	CVSS2: 6.8	1% Низкий	больше 11 лет назад
CVE-2014-3137 Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before 0.12.6 does not properly limit content types, which allows remote attackers to bypass intended access restrictions via an accepted Content-Type followed by a ; (semi-colon) and a Content-Type that would not be accepted, as demonstrated in YouCompleteMe to execute arbitrary code.	CVSS2: 6.8	1% Низкий	больше 11 лет назад
CVE-2014-3137 Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before ...	CVSS2: 6.8	1% Низкий	больше 11 лет назад
GHSA-873q-wpqr-xfgw Bottle does not properly limit content-types	CVSS3: 9.8	1% Низкий	больше 3 лет назад

Уязвимостей на страницу