OS Command Injection in GitHub repository part-db/part-db prior to 0.5.11.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/166217/part-db-0.5.11-Remote-Code-Execution.html | Exploit Third Party Advisory VDB Entry |
https://github.com/part-db/part-db/commit/9cd4eee393028aa4cab70fcbac284b0028c0bc95 | Patch Third Party Advisory |
https://huntr.dev/bounties/3e91685f-cfb9-4ee4-abaf-9b712a8fd5a6 | Exploit Patch Third Party Advisory |
Configurations
History
No history.
Information
Published : 2022-03-04 09:15
Updated : 2024-02-28 19:09
NVD link : CVE-2022-0848
Mitre link : CVE-2022-0848
CVE.ORG link : CVE-2022-0848
JSON object : View
Products Affected
part-db_project
- part-db
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')