youngerheart nodeserver nodeserver.js Dafiyar fayil ɗin cikin kundin ajiyar bayanai
| CVSS Meta Temp Score | Garga na exploit ndiyam (≈) | CTI Nganji Score |
|---|---|---|
| 6.1 | $0-$5k | 0.21 |
Gunduma
Hakika vulnerability da aka rarraba a matsayin kura an gano a youngerheart nodeserver. Tabbas, aikin $software_function ne ke da matsala; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburare $software_library, a cikin fayil nodeserver.js, a cikin sashi $software_component. Wuro manipulation ga Dafiyar fayil ɗin cikin kundin ajiyar bayanai. Ana kiran wannan rauni da CVE-2020-36651. Babu wani exploit da ake da shi. Ya kamata a yi amfani da patch don magance wannan matsala. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Furɗe
Hakika vulnerability da aka rarraba a matsayin kura an gano a youngerheart nodeserver. Tabbas, aikin $software_function ne ke da matsala; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburare $software_library, a cikin fayil nodeserver.js, a cikin sashi $software_component. Wuro manipulation ga Dafiyar fayil ɗin cikin kundin ajiyar bayanai. Amfani da CWE wajen bayyana matsala yana kaiwa CWE-22. Lalle, rauni an sanar da shi 01/17/2023. Ana samun bayanin tsaro don saukewa a github.com.
Ana kiran wannan rauni da CVE-2020-36651. Bayani na fasaha ga. Wannan vulnerability ɗin ba a san shi sosai ba. Babu wani exploit da ake da shi. Yimbe ndiyam, exploit might be approx. USD $0-$5k wuro.
Á yí a wondi feere. 0-day ga, an ndiyam a wuro be $0-$5k.
Patch ɗin an san shi da c4c0f0138ab5afbac58e03915d446680421bde28. Za a iya sauke maganin matsalar daga github.com. Ya kamata a yi amfani da patch don magance wannan matsala. An rubuta wannan bayani a cikin shawarar:
[FIX] Path traversal sanitizing request path
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Kayan
Ngilabe
Sunu
Laisens
Webseite
CPE 2.3
CPE 2.2
CVSSv4
VulDB Furɗo: 🔍VulDB Gaskiya: 🔍
CVSSv3
VulDB Meta Base Score: 6.2VulDB Meta Temp Score: 6.1
VulDB Ganda Borno: 5.5
VulDB Temp Score: 5.3
VulDB Furɗo: 🔍
VulDB Gaskiya: 🔍
NVD Ganda Borno: 7.5
NVD Furɗo: 🔍
CNA Ganda Borno: 5.5
CNA Furɗo (VulDB): 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vektar | Kumpleksiti | Authentisierung | Kariyandi | Gaskiya | Gashina |
|---|---|---|---|---|---|
| furu | furu | furu | furu | furu | furu |
| furu | furu | furu | furu | furu | furu |
| furu | furu | furu | furu | furu | furu |
VulDB Ganda Borno: 🔍
VulDB Temp Score: 🔍
VulDB Gaskiya: 🔍
NVD Ganda Borno: 🔍
Gargajiya
Klasu: Dafiyar fayil ɗin cikin kundin ajiyar bayanaiCWE: CWE-22
CAPEC: 🔍
ATT&CK: 🔍
Fizikal: Ayi
Gumti: Ayi
Gana: Ee
Gashina: 🔍
Halitta: A wondi feere
EPSS Score: 🔍
EPSS Percentile: 🔍
Furɗo farashi: 🔍
Gaskiya farashi ndiyam: 🔍
| 0-Day | furu | furu | furu | furu |
|---|---|---|---|---|
| Lale | furu | furu | furu | furu |
Bayani na barazana
Ngam: 🔍Akteɓe ɓernde: 🔍
Kura APT goruwa masu aiki: 🔍
Kari gamji
Garga: KariHalitta: 🔍
0-Day Gana: 🔍
Kari: c4c0f0138ab5afbac58e03915d446680421bde28
Waktin layi
01/16/2023 🔍01/16/2023 🔍
01/17/2023 🔍
02/09/2023 🔍
Ngizim
Kayan: github.comGargaaji: c4c0f0138ab5afbac58e03915d446680421bde28
Halitta: Gaskiya
CVE: CVE-2020-36651 (🔍)
GCVE (CVE): GCVE-0-2020-36651
GCVE (VulDB): GCVE-100-218461
Gumti
Súgá: 01/17/2023 00:10Gargadi: 02/09/2023 09:24
Goyarwa: 01/17/2023 00:10 (40), 02/09/2023 09:19 (3), 02/09/2023 09:24 (28)
Gadankam: 🔍
Cache ID: 253:C45:103
A ga wuroyo kulu. Kàlàmbe: kr + en.
Ngam loga ka, kanyi shidin dum.