exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2021-23727

около 4 лет назад

This affects the package celery before 5.2.2. It by default trusts the messages and metadata stored in backends (result stores). When reading task metadata from the backend, the data is deserialized. Given that an attacker can gain access to, or somehow manipulate the metadata within a celery backend, they could trigger a stored command injection vulnerability and potentially gain further access to the system.

CVSS3: 7.5

EPSS: Низкий

CVE-2021-23727

около 4 лет назад

This affects the package celery before 5.2.2. It by default trusts the messages and metadata stored in backends (result stores). When reading task metadata from the backend, the data is deserialized. Given that an attacker can gain access to, or somehow manipulate the metadata within a celery backend, they could trigger a stored command injection vulnerability and potentially gain further access to the system.

CVSS3: 8

EPSS: Низкий

CVE-2021-23727

около 4 лет назад

This affects the package celery before 5.2.2. It by default trusts the messages and metadata stored in backends (result stores). When reading task metadata from the backend, the data is deserialized. Given that an attacker can gain access to, or somehow manipulate the metadata within a celery backend, they could trigger a stored command injection vulnerability and potentially gain further access to the system.

CVSS3: 7.5

EPSS: Низкий

CVE-2021-23727

около 4 лет назад

This affects the package celery before 5.2.2. It by default trusts the ...

CVSS3: 7.5

EPSS: Низкий

GHSA-q4xr-rc97-m4xx

около 4 лет назад

OS Command Injection in celery

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2021-23727 This affects the package celery before 5.2.2. It by default trusts the messages and metadata stored in backends (result stores). When reading task metadata from the backend, the data is deserialized. Given that an attacker can gain access to, or somehow manipulate the metadata within a celery backend, they could trigger a stored command injection vulnerability and potentially gain further access to the system.	CVSS3: 7.5	1% Низкий	около 4 лет назад
CVE-2021-23727 This affects the package celery before 5.2.2. It by default trusts the messages and metadata stored in backends (result stores). When reading task metadata from the backend, the data is deserialized. Given that an attacker can gain access to, or somehow manipulate the metadata within a celery backend, they could trigger a stored command injection vulnerability and potentially gain further access to the system.	CVSS3: 8	1% Низкий	около 4 лет назад
CVE-2021-23727 This affects the package celery before 5.2.2. It by default trusts the messages and metadata stored in backends (result stores). When reading task metadata from the backend, the data is deserialized. Given that an attacker can gain access to, or somehow manipulate the metadata within a celery backend, they could trigger a stored command injection vulnerability and potentially gain further access to the system.	CVSS3: 7.5	1% Низкий	около 4 лет назад
CVE-2021-23727 This affects the package celery before 5.2.2. It by default trusts the ...	CVSS3: 7.5	1% Низкий	около 4 лет назад
GHSA-q4xr-rc97-m4xx OS Command Injection in celery	CVSS3: 7.5	1% Низкий	около 4 лет назад

Уязвимостей на страницу