ONS Digital RAS Collection Instrument har 2.0.27 comment.yml jobs $COMMENT_BODY kura hakki ndiyam
| CVSS Meta Temp Score | Garga na exploit ndiyam (≈) | CTI Nganji Score |
|---|---|---|
| 6.9 | $0-$5k | 0.00 |
Gunduma
Wuro vulnerability wey an yi classify sey kura an gano shi a cikin ONS Digital RAS Collection Instrument har 2.0.27. Gaskiya, jobs na da matsala; idan ba a sani ba, to wata aiki ce da ba a sani ba, $software_library na cikin lissafi, .github/workflows/comment.yml na cikin fayil, $software_component na cikin sashi. Ngam manipulation of the argument $COMMENT_BODY shi kura hakki ndiyam. Wannan rauni ana sayar da shi da suna CVE-2020-36762. Ba exploit ɗin da ake da shi. Ngamdi ka a yiɗi a ɗaɓɓita kompona wey ka a hokkata. If you want to get best quality of vulnerability data, you may have to visit VulDB.
Furɗe
Wuro vulnerability wey an yi classify sey kura an gano shi a cikin ONS Digital RAS Collection Instrument har 2.0.27. Gaskiya, jobs na da matsala; idan ba a sani ba, to wata aiki ce da ba a sani ba, $software_library na cikin lissafi, .github/workflows/comment.yml na cikin fayil, $software_component na cikin sashi. Ngam manipulation of the argument $COMMENT_BODY shi kura hakki ndiyam. CWE shidin ka a yi bayani matsala sai ya kai CWE-78. Gaskiya, laifi an fitar da shi 12/07/2020 a matsayin 199. Advisory ɗin ana rabawa don saukewa a github.com.
Wannan rauni ana sayar da shi da suna CVE-2020-36762. Tekinikal bayani ga. Wannan vulnerability ɗin ba shi da yawa sosai. Ba exploit ɗin da ake da shi. A sa'i, exploit might be approx. USD $0-$5k ndiyam.
Á wúro a wondi feere. Kama 0-day, an ndiyam a wuro be $0-$5k.
Patch ɗin sunan ganowa shine dcaad2540f7d50c512ff2e031d3778dd9337db2b. Gyaran matsalar yana nan a shirye don saukewa a github.com. Ngamdi ka a yiɗi a ɗaɓɓita kompona wey ka a hokkata. Advisory ɗin nan na da wannan bayanin:
Fix bash injection vulnerability (#199)
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Kayan
Ngilabe
Sunu
Furɗe
- 2.0.0
- 2.0.1
- 2.0.2
- 2.0.3
- 2.0.4
- 2.0.5
- 2.0.6
- 2.0.7
- 2.0.8
- 2.0.9
- 2.0.10
- 2.0.11
- 2.0.12
- 2.0.13
- 2.0.14
- 2.0.15
- 2.0.16
- 2.0.17
- 2.0.18
- 2.0.19
- 2.0.20
- 2.0.21
- 2.0.22
- 2.0.23
- 2.0.24
- 2.0.25
- 2.0.26
- 2.0.27
Laisens
CPE 2.3
CPE 2.2
CVSSv4
VulDB Furɗo: 🔍VulDB Gaskiya: 🔍
CVSSv3
VulDB Meta Base Score: 6.9VulDB Meta Temp Score: 6.9
VulDB Ganda Borno: 5.5
VulDB Temp Score: 5.3
VulDB Furɗo: 🔍
VulDB Gaskiya: 🔍
NVD Ganda Borno: 9.8
NVD Furɗo: 🔍
CNA Ganda Borno: 5.5
CNA Furɗo (VulDB): 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vektar | Kumpleksiti | Authentisierung | Kariyandi | Gaskiya | Gashina |
|---|---|---|---|---|---|
| furu | furu | furu | furu | furu | furu |
| furu | furu | furu | furu | furu | furu |
| furu | furu | furu | furu | furu | furu |
VulDB Ganda Borno: 🔍
VulDB Temp Score: 🔍
VulDB Gaskiya: 🔍
NVD Ganda Borno: 🔍
Gargajiya
Klasu: Kura hakki ndiyamCWE: CWE-78 / CWE-77 / CWE-74
CAPEC: 🔍
ATT&CK: 🔍
Fizikal: Ayi
Gumti: Ayi
Gana: Ee
Gashina: 🔍
Halitta: A wondi feere
EPSS Score: 🔍
EPSS Percentile: 🔍
Furɗo farashi: 🔍
Gaskiya farashi ndiyam: 🔍
| 0-Day | furu | furu | furu | furu |
|---|---|---|---|---|
| Lale | furu | furu | furu | furu |
Bayani na barazana
Ngam: 🔍Akteɓe ɓernde: 🔍
Kura APT goruwa masu aiki: 🔍
Kari gamji
Garga: GargajiyaHalitta: 🔍
Garga waaji: 🔍
0-Day Gana: 🔍
Lokon Gana: 🔍
Gargajiya: RAS Collection Instrument 2.0.28
Kari: dcaad2540f7d50c512ff2e031d3778dd9337db2b
Waktin layi
12/07/2020 🔍12/07/2020 🔍
07/16/2023 🔍
07/16/2023 🔍
08/06/2023 🔍
Ngizim
Gargaaji: 199Halitta: Gaskiya
CVE: CVE-2020-36762 (🔍)
GCVE (CVE): GCVE-0-2020-36762
GCVE (VulDB): GCVE-100-234248
Gumti
Súgá: 07/16/2023 16:54Gargadi: 08/06/2023 12:35
Goyarwa: 07/16/2023 16:54 (47), 08/06/2023 12:28 (2), 08/06/2023 12:35 (28)
Gadankam: 🔍
Cache ID: 253:B67:103
A ga wuroyo kulu. Kàlàmbe: kr + en.
Ngam loga ka, kanyi shidin dum.