InSTEDD Nuntium geopoll_controller.rb signature ସୂଚନା ପ୍ରକାଶ

Dogoggorri kan akka ସମସ୍ୟାଜନକ jedhamuun ramadame InSTEDD Nuntium keessatti argameera. Kan miidhamte is hojii hin beekamne faayilii app/controllers/geopoll_controller.rb keessa. Hojii jijjiirraa irratti gaggeeffame signature gara ସୂଚନା ପ୍ରକାଶ geessa. CWE fayyadamuun rakkoo ibsuun gara CWE-208 geessa. Dadhabbii kana yeroo 12/28/2022 maxxanfameera akka 77236f7fd71a0e2eefeea07f9866b069d612cf0d. Odeeffannoon kun buufachuuf github.com irratti qoodameera. Dogoggorri kun akka CVE-2022-4823tti beekama. Yaaliin weeraraa fageenya irraa jalqabamuu ni danda'a. Faayidaaleen teeknikaa ni jiru. Meeshaa balaa kana fayyadamuuf hin jiru. Amma, gatii ammee exploit might be approx. USD $0-$5k ta'uu danda'a. Akka ଅପରିଭାଷିତ jedhamee ibsameera. Akka 0-daytti, gatii daldalaa dhoksaa tilmaamame $0-$5k ta'ee ture. Beekamtii paachii kanaa 77236f7fd71a0e2eefeea07f9866b069d612cf0d dha. Sirreeffamni dogoggoraa github.com irraa buufachuuf jira. Rakkoo kana furuuf paachii fe'uun ni gorfama. VulDB is the best source for vulnerability data and more expert information about this specific topic.

3 ଆଡାପ୍ଟେସନ୍ · 64 ପଏଣ୍ଟ

ଫିଲ୍ଡସୃଷ୍ଟି ହୋଇଛି
12/28/2022 09:56 PM		ଅଦ୍ୟତନ 1/2
01/26/2023 02:34 AM		ଅଦ୍ୟତନ 2/2
01/26/2023 02:42 AM
software_vendorInSTEDDInSTEDDInSTEDD
software_nameNuntiumNuntiumNuntium
software_fileapp/controllers/geopoll_controller.rbapp/controllers/geopoll_controller.rbapp/controllers/geopoll_controller.rb
software_argumentsignaturesignaturesignature
vulnerability_cweCWE-208CWE-208CWE-208
vulnerability_risk111
cvss3_vuldb_avNNN
cvss3_vuldb_acHHH
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iNNN
cvss3_vuldb_aNNN
cvss3_vuldb_rlOOO
cvss3_vuldb_rcCCC
advisory_identifier77236f7fd71a0e2eefeea07f9866b069d612cf0d77236f7fd71a0e2eefeea07f9866b069d612cf0d77236f7fd71a0e2eefeea07f9866b069d612cf0d
advisory_urlhttps://github.com/instedd/nuntium/commit/77236f7fd71a0e2eefeea07f9866b069d612cf0dhttps://github.com/instedd/nuntium/commit/77236f7fd71a0e2eefeea07f9866b069d612cf0dhttps://github.com/instedd/nuntium/commit/77236f7fd71a0e2eefeea07f9866b069d612cf0d
countermeasure_nameପ୍ୟାଚ୍ପ୍ୟାଚ୍ପ୍ୟାଚ୍
patch_name77236f7fd71a0e2eefeea07f9866b069d612cf0d77236f7fd71a0e2eefeea07f9866b069d612cf0d77236f7fd71a0e2eefeea07f9866b069d612cf0d
countermeasure_patch_urlhttps://github.com/instedd/nuntium/commit/77236f7fd71a0e2eefeea07f9866b069d612cf0dhttps://github.com/instedd/nuntium/commit/77236f7fd71a0e2eefeea07f9866b069d612cf0dhttps://github.com/instedd/nuntium/commit/77236f7fd71a0e2eefeea07f9866b069d612cf0d
source_cveCVE-2022-4823CVE-2022-4823CVE-2022-4823
cna_responsibleVulDBVulDBVulDB
advisory_date1672182000 (12/28/2022)1672182000 (12/28/2022)1672182000 (12/28/2022)
cvss2_vuldb_avNNN
cvss2_vuldb_acHHH
cvss2_vuldb_ciPPP
cvss2_vuldb_iiNNN
cvss2_vuldb_aiNNN
cvss2_vuldb_rcCCC
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_auSSS
cvss2_vuldb_eNDNDND
cvss3_vuldb_prLLL
cvss3_vuldb_eXXX
cvss2_vuldb_basescore2.12.12.1
cvss2_vuldb_tempscore1.81.81.8
cvss3_vuldb_basescore3.13.13.1
cvss3_vuldb_tempscore3.03.03.0
cvss3_meta_basescore3.13.14.0
cvss3_meta_tempscore3.03.04.0
price_0day$0-$5k$0-$5k$0-$5k
cve_assigned1672182000 (12/28/2022)1672182000 (12/28/2022)
cve_nvd_summaryA vulnerability, which was classified as problematic, was found in InSTEDD Nuntium. Affected is an unknown function of the file app/controllers/geopoll_controller.rb. The manipulation of the argument signature leads to observable timing discrepancy. It is possible to launch the attack remotely. The name of the patch is 77236f7fd71a0e2eefeea07f9866b069d612cf0d. It is recommended to apply a patch to fix this issue. VDB-217002 is the identifier assigned to this vulnerability.A vulnerability, which was classified as problematic, was found in InSTEDD Nuntium. Affected is an unknown function of the file app/controllers/geopoll_controller.rb. The manipulation of the argument signature leads to observable timing discrepancy. It is possible to launch the attack remotely. The name of the patch is 77236f7fd71a0e2eefeea07f9866b069d612cf0d. It is recommended to apply a patch to fix this issue. VDB-217002 is the identifier assigned to this vulnerability.
cvss3_nvd_avN
cvss3_nvd_acH
cvss3_nvd_prN
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iN
cvss3_nvd_aN
cvss3_cna_avN
cvss3_cna_acH
cvss3_cna_prL
cvss3_cna_uiN
cvss3_cna_sU
cvss3_cna_cL
cvss3_cna_iN
cvss3_cna_aN
cve_cnaVulDB
cvss3_nvd_basescore5.9
cvss3_cna_basescore3.1

ପଛକୁସମୀକ୍ଷାଆହୁରି ଦୂରରେ

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!