Количество 2
Количество 2
CVE-2024-48987
больше 1 года назад
Snipe-IT before 7.0.10 allows remote code execution (associated with cookie serialization) when an attacker knows the APP_KEY. This is exacerbated by .env files, available from the product's repository, that have default APP_KEY values.
CVSS3: 6.6
EPSS: Низкий
GHSA-57qh-vmjr-5jxg
больше 1 года назад
Snipe-IT remote code execution
CVSS3: 7.2
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-48987 Snipe-IT before 7.0.10 allows remote code execution (associated with cookie serialization) when an attacker knows the APP_KEY. This is exacerbated by .env files, available from the product's repository, that have default APP_KEY values. | CVSS3: 6.6 | 2% Низкий | больше 1 года назад |
| GHSA-57qh-vmjr-5jxg Snipe-IT remote code execution | CVSS3: 7.2 | 2% Низкий | больше 1 года назад |
Уязвимостей на страницу
20