exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2

CVE-2024-46977

больше 1 года назад

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. A path traversal vulnerability inside of LocalMode's open_local_file method allows an authenticated user with adequate permissions to download any .txt via the ScreensController#show on the web server COSMOS is running on (depending on the file permissions). This vulnerability is fixed in 5.19.0.

CVSS3: 6.5

EPSS: Низкий

GHSA-8jxr-mccc-mwg8

больше 1 года назад

OpenC3 Path Traversal via screen controller (`GHSL-2024-127`)

CVSS3: 6.5

EPSS: Низкий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	CVE-2024-46977 OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. A path traversal vulnerability inside of LocalMode's open_local_file method allows an authenticated user with adequate permissions to download any .txt via the ScreensController#show on the web server COSMOS is running on (depending on the file permissions). This vulnerability is fixed in 5.19.0.	CVSS3: 6.5	1% Низкий	больше 1 года назад
	GHSA-8jxr-mccc-mwg8 OpenC3 Path Traversal via screen controller (`GHSL-2024-127`)	CVSS3: 6.5	1% Низкий	больше 1 года назад

Уязвимостей на страницу