Количество 2
Количество 2
CVE-2024-48514
больше 1 года назад
php-heic-to-jpg <= 1.0.5 is vulnerable to code injection (fixed in 1.0.6). An attacker who can upload heic images is able to execute code on the remote server via the file name. As a result, the CIA is no longer guaranteed. This affects php-heic-to-jpg 1.0.5 and below.
CVSS3: 9.8
EPSS: Низкий
GHSA-g8v9-c8m3-942v
больше 1 года назад
Remote code execution in php-heic-to-jpg
CVSS3: 9.8
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-48514 php-heic-to-jpg <= 1.0.5 is vulnerable to code injection (fixed in 1.0.6). An attacker who can upload heic images is able to execute code on the remote server via the file name. As a result, the CIA is no longer guaranteed. This affects php-heic-to-jpg 1.0.5 and below. | CVSS3: 9.8 | 0% Низкий | больше 1 года назад |
| GHSA-g8v9-c8m3-942v Remote code execution in php-heic-to-jpg | CVSS3: 9.8 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу
20